microsoft partner logo color
8390  Reviews star_rate star_rate star_rate star_rate star_half

GitHub Advanced Security

GitHub Advanced Security (GHAS) plays a crucial role in enhancing the security posture of software development projects on GitHub. It provides a comprehensive set of tools and features designed to...

Read More
By Request
$675 USD
Duration 1 day
Course Code GH-500T00
Available Formats Classroom

Overview

GitHub Advanced Security (GHAS) plays a crucial role in enhancing the security posture of software development projects on GitHub. It provides a comprehensive set of tools and features designed to identify and address security vulnerabilities throughout the development lifecycle. By integrating security directly into the development process with GHAS, your team can build more secure and reliable software. The course will explore how to utilize GHAS to maximize security impact and understand GHAS and its role in the security ecosystem.

Audience Profile

This course in intended for students who want to understand and implement advanced security practices with the help of GitHub Advanced Security (GHAS). They will learn how to significantly enhance software development processes and create a more resilient and secure development ecosystem using developer-first solutions to unlock the ability to keep code, supply chain, and secrets secure before you push to production. They will learn how GHAS gives security teams visibility into the cross-organizational security posture and supply chain and unparalleled access to curated security intelligence from millions of developers and security researchers around the world.

Course Details

Outline

  • Introduction to GitHub Advanced Security
    • Define GHAS and the importance of its integral features
    • How to utilize GHAS to get the most impact
    • Understand GHAS and its role in the security ecosystem
    • Module assessment
  • Configure Dependabot security updates on your GitHub repo
    • Manage your dependencies on GitHub
    • Dependabot alerts
    • Dependabot security updates
    • Manage Dependabot notifications and reports
    • Dependency review
    • Exercise - Configure Dependabot security updates
    • Module assessment
  • Configure and use secret scanning in your GitHub repository
    • What is secret scanning?
    • Configure secret scanning
    • Use secret scanning
    • Exercise
    • Module assessment
  • Configure code scanning on GitHub
    • What is code scanning?
    • Enable code scanning with third party tools
    • Configure code scanning
    • Configure code scanning exercise
    • Module assessment
  • Identify security vulnerabilities in your codebase by using CodeQL
    • Prepare a database for CodeQL
    • Run CodeQL in a database
    • Understand CodeQL results
    • Troubleshoot CodeQL results
    • Module assessment
  • Code scanning with GitHub CodeQL
    • What is CodeQL?
    • How does CodeQL analyze code?
    • What is QL?
    • Code scanning and CodeQL
    • Customize your code scanning workflow with CodeQL - Part 1
    • Exercise - Reference a CodeQL query
    • Customize your code scanning workflow with CodeQL - Part 2
    • Use the CodeQL CLI
    • Customize languages and builds for code scanning
    • Exercise - Configure a CodeQL language matrix
    • Module assessment
  • GitHub administration for GitHub Advanced Security
    • What is GitHub Advanced Security?
    • Enable GitHub Advanced Security
    • Manage access to GitHub Advanced Security
    • Manage the GitHub Advanced Security features and alerts
    • Module assessment
  • Manage sensitive data and security policies within GitHub
    • Setting security policies
    • Create and manage repository rulesets
    • Reporting and logging
    • Exercise
    • Module assessment
Read Less

Schedule

Upcoming Course Dates

There are currently no scheduled dates for this course. If you are interested in this course, contact us with the form below.

Contact Information

FAQ

How do I get a Microsoft exam voucher?

Pearson Vue Exam vouchers can be requested and ordered with your course purchase or can be ordered separately by clicking here.

  • Vouchers are non-refundable and non-returnable. Vouchers expire 12 months from the date they are issued unless otherwise specified in the terms and conditions.
  • Voucher expiration dates cannot be extended. The exam must be taken by the expiration date printed on the voucher.

Do Microsoft courses come with post lab access?

Most Microsoft official courses will include post-lab access ranging from 30 to 180 calendar days after instructor led course delivery. A lab training key in class will be provided that can be leveraged to continue connecting to a remote lab environment for the individual course attendee.

Does the course schedule include a Lunchbreak?

Lunch is normally an hour-long after 3-3.5 hours of the class day.

What languages are used to deliver training?

Microsoft courses are conducted in English unless otherwise specified.

Reviews

ExitCertified was a great. They gave me all the materials and information I needed ahead of time to prepare for the course.

Easy to work with. Learning material pdfs were able to be printed out in color which was very nice to write on.

Great class I learned a great deal from the material. There would seem to a large amount that I need to learn about.

Instructor, Training material & span of the training is neatly planned.

The class covered the concepts needed for the AWS Cloud Practitioner Certification.