
GitHub Advanced Security (GH-500)

2 days
GitHub, Cybersecurity

Learn how to use GitHub Advanced Security to strengthen repository security by configuring Dependabot, secret scanning, code scanning, and CodeQL workflows.

Register or Request Training

  • Private class for your team
  • Live expert instructor
  • Online or on‑location
  • Customizable agenda
  • Proposal turnaround within 1–2 business days

Course Overview

GitHub Advanced Security (GHAS) helps teams identify and address security risks throughout the software development lifecycle on GitHub. In this course, you will learn how GHAS fits into the security ecosystem and how to apply its core capabilities to improve the security posture of your repositories.

You will work with key GHAS features including Dependabot security updates, secret scanning, and code scanning. The course also introduces CodeQL for finding security vulnerabilities, interpreting results, and troubleshooting scans, along with administrative tasks for enabling and managing GHAS and its alerts. Finally, you will review approaches for managing sensitive data and security policies within GitHub, including repository rulesets, reporting, and logging.

Course Benefits

  • Explain GitHub Advanced Security (GHAS) features and its role in the security ecosystem
  • Configure Dependabot alerts and security updates, and manage related notifications and reports
  • Enable and use secret scanning to detect exposed secrets in repositories
  • Configure code scanning, including enabling scanning with third-party tools
  • Use CodeQL to identify vulnerabilities, review results, and troubleshoot issues
  • Enable and administer GHAS, including managing access and handling GHAS features and alerts
  • Set security policies, manage repository rulesets, and use reporting and logging to support governance

Delivery Methods

Private Class
Delivered for your team at your site or online.

Course Outline

  1. Introduction to GitHub Advanced Security
    1. Define GHAS and the importance of its integral features
    2. How to utilize GHAS to get the most impact
    3. Understand GHAS and its role in the security ecosystem
    4. Module assessment
  2. Configure Dependabot security updates on your GitHub repo
    1. Manage your dependencies on GitHub
    2. Dependabot alerts
    3. Dependabot security updates
    4. Manage Dependabot notifications and reports
    5. Dependency review
    6. Module assessment
  3. Configure and use secret scanning in your GitHub repository
    1. What is secret scanning?
    2. Configure secret scanning
    3. Use secret scanning
    4. Module assessment
  4. Configure code scanning on GitHub
    1. What is code scanning?
    2. Enable code scanning with third-party tools
    3. Configure code scanning
    4. Configure code scanning exercise
    5. Module assessment
  5. Identify security vulnerabilities in your codebase by using CodeQL
    1. Prepare a database for CodeQL
    2. Run CodeQL in a database
    3. Understand CodeQL results
    4. Troubleshoot CodeQL results
    5. Module assessment
  6. Code scanning with GitHub CodeQL
    1. What is CodeQL?
    2. How does CodeQL analyze code?
    3. What is QL?
    4. Code scanning and CodeQL
    5. Customize your code scanning workflow with CodeQL - Part 1
    6. Customize your code scanning workflow with CodeQL - Part 2
    7. Use the CodeQL CLI
    8. Customize languages and builds for code scanning
    9. Module assessment
  7. GitHub administration for GitHub Advanced Security
    1. What is GitHub Advanced Security?
    2. Enable GitHub Advanced Security
    3. Manage access to GitHub Advanced Security
    4. Manage the GitHub Advanced Security features and alerts
    5. Module assessment
  8. Manage sensitive data and security policies within GitHub
    1. Setting security policies
    2. Create and manage repository rulesets
    3. Reporting and logging
    4. Module assessment

Class Materials

Each student receives a comprehensive set of materials, including course notes and all class examples.

Class Prerequisites

Experience in the following is required for this GitHub class:

  • Basic understanding of GitHub fundamentals
