GitHub Advanced Security (GH-500T00) - Training Courses | Afi U.
GitHub Advanced Security (GH-500T00)

Private session

This training is available in a private or personalized format. It can be provided in one of our training centres or at your offices. Call one of our consultants or submit a request online.

Call now at 1 877 624.2344

  • Duration: 1 day
  • Regular price: On request

Course outline

Reference: GH-500T00

Duration: 1 day

© AFI par Edgenda inc.

GitHub Advanced Security (GHAS) plays a crucial role in enhancing the security posture of software development projects on GitHub. It provides a comprehensive set of tools and features designed to identify and address security vulnerabilities throughout the development lifecycle. By integrating security directly into the development process with GHAS, your team can build more secure and reliable software. The course will explore how to utilize GHAS to maximize security impact and understand GHAS and its role in the security ecosystem.

Audience

This course is intended for students who want to understand and implement advanced security practices with the help of GitHub Advanced Security (GHAS). They will learn how to significantly enhance software development processes and create a more resilient and secure development ecosystem using developer-first solutions to unlock the ability to keep code, supply chain, and secrets secure before you push to production. They will learn how GHAS gives security teams visibility into the cross-organizational security posture and supply chain and unparalleled access to curated security intelligence from millions of developers and security researchers around the world.

Prerequisites

Before attending this course, students should have:
  • Basic knowledge of Git and GitHub (core commands, branching, merging, etc.)
  • Experience with software development workflows (repositories, pull requests, code reviews)
  • Understanding of basic security concepts
  • Access to a GitHub account (preferably with admin or security permissions on a test repository)

Objectives

  • Understand the features and benefits of GitHub Advanced Security
  • Enable and configure code scanning to identify vulnerabilities
  • Use secret scanning to detect and prevent secret leaks
  • Implement dependency scanning (Dependabot) for vulnerable dependencies
  • Interpret and act on security alerts generated by GitHub Advanced Security
  • Integrate security workflows into CI/CD pipelines
  • Leverage advanced configuration options for security rules and policies
  • Support compliance with organizational and regulatory security requirements

Contents

Introduction to GitHub Advanced Security

  • Define GHAS and the importance of its integral features
  • How to utilize GHAS to get the most impact
  • Understand GHAS and its role in the security ecosystem
  • Module assessment

Configure Dependabot security updates on your GitHub repo

  • Manage your dependencies on GitHub
  • Dependabot alerts
  • Dependabot security updates
  • Manage Dependabot notifications and reports
  • Dependency review
  • Exercise - Configure Dependabot security updates
  • Module assessment

Configure and use secret scanning in your GitHub repository

  • What is secret scanning?
  • Configure secret scanning
  • Use secret scanning
  • Exercise
  • Module assessment

Configure code scanning on GitHub

  • What is code scanning?
  • Enable code scanning with third party tools
  • Configure code scanning
  • Configure code scanning exercise
  • Module assessment

Identify security vulnerabilities in your codebase by using CodeQL

  • Prepare a database for CodeQL
  • Run CodeQL in a database
  • Understand CodeQL results
  • Troubleshoot CodeQL results
  • Module assessment

Code scanning with GitHub CodeQL

  • What is CodeQL?
  • How does CodeQL analyze code?
  • What is QL?
  • Code scanning and CodeQL
  • Customize your code scanning workflow with CodeQL - Part 1
  • Exercise - Reference a CodeQL query
  • Customize your code scanning workflow with CodeQL - Part 2
  • Use the CodeQL CLI
  • Customize languages and builds for code scanning
  • Exercise - Configure a CodeQL language matrix
  • Module assessment

GitHub administration for GitHub Advanced Security

  • What is GitHub Advanced Security?
  • Enable GitHub Advanced Security
  • Manage access to GitHub Advanced Security
  • Manage the GitHub Advanced Security features and alerts
  • Module assessment

Manage sensitive data and security policies within GitHub

  • Setting security policies
  • Create and manage repository rulesets
  • Reporting and logging
  • Exercise
  • Module assessment