GitHub Advanced Security (GHAS) plays a crucial role in enhancing the security posture of software development projects on GitHub. It provides a comprehensive set of tools and features designed to identify and address security vulnerabilities throughout the development lifecycle. By integrating security directly into the development process with GHAS, your team can build more secure and reliable software. The course will explore how to utilise GHAS to maximise security impact and understand GHAS and its role in the security ecosystem.

This course in intended for students who want to understand and implement advanced security practices with the help of GitHub Advanced Security (GHAS).

• Basic understanding of GitHub fundamentals
• A GitHub account

After completing this course, students will be able to:

• How to significantly enhance software development processes and create a more resilient and secure development ecosystem using developer-first solutions to unlock the ability to keep code, supply chain, and secrets secure before you push to production.
• How GHAS gives security teams visibility into the cross-organisational security posture and supply chain and unparalleled access to curated security intelligence from millions of developers and security researchers around the world.

GitHub Advanced Security Part 1 of 2

• Introduction to GitHub Advanced Security
• Configure Dependabot security updates on your GitHub repo
• Configure and use secret scanning in your GitHub repository
• Configure code scanning on GitHub

GitHub Advanced Security Part 2 of 2

• Identify security vulnerabilities in your codebase by using CodeQL
• Code scanning with GitHub CodeQL
• GitHub administration for GitHub Advanced Security
• Manage sensitive data and security policies within GitHub