GitHub Advanced Security Training

Key Learning Areas

• Become familiar with GitHub's Advanced Security features and best practices
• Learn to manage your dependencies with GitHub Dependabot
• Understand how secret scanning works to configure and use it efficiently
• Learn how to implement code scanning, third party tools, and GitHub Actions
• Learn how to analyze the code in your GitHub repository and identify security vulnerabilities
• Learn how to use CodeQL, a powerful static analysis tool, to implement code scanning on GitHub
• Understand where GitHub Advanced Security fits in your software development lifecycle and how to enable and roll it out in your organization
• Familiarize yourself with GitHub's basic security tools, which prepare repositories for secure development and industry-standard response to threats

Course Outline

Participants can expect a combination of classroom learning and hands on activities that build experience and confidence using the GitHub Enterprise cloud platform.

The following modules will walk you through GitHub's advanced security features and provide you with the skills needed to recognize, apply, and evaluate these features within your own GitHub environment.

• Introduction to GitHub Advanced Security
• Configure Dependabot security updates on your GitHub repository
• Configure and use secret scanning in your GitHub repository
• Configure code scanning on GitHub
• Identify security vulnerabilities in your codebase
• Code scanning with GitHub CodeQL
• GitHub administration for GitHub Advanced Security
• Manage sensitive data and security policies within GitHub

Who Benefits

GitHub Administrators, QA Professionals, Security Professionals, and Developers

Prerequisites

Experience using GitHub as an administrator or developer