1. Home
  2. GitHub Advanced Security (GHAS) Developer Training

GitHub Advanced Security (GHAS) Developer Training

GitHub

Enable developers in your organization to both understand and effectively use the features of Advanced Security.

Full Description and Outline

Upcoming Classes

= Guaranteed to Run
Dates
Mode
Location
Price
Call to Schedule
Anytime
On-Site / Private
Your Location
Your Location
Request a Quote
Contact Us
Select a learning mode button (Public, Live Virtual, etc.) for pricing, details, and a downloadable fact sheet.
Description

GitHub Advanced Security allows you to have a “developer-first” approach to Application Security, recognizing that developers have a critical role to play in securing your applications. This training will enable developers in your organization to both understand and effectively use the features of Advanced Security.

What Are You Looking For?

Team Learning

Our learning experts provide private training for teams. Start a conversation about your training needs by calling us at 929.777.8102 or filling out our team training form below.

Setup A Conversation

Individual Learning

Join one of our upcoming public learning sessions. We offer both virtual sessions and in-person training at our industry-leading software conferences.

See Upcoming Sessions

 

What You'll Learn

Understand the key components of GitHub Advanced Security (Code Scanning, Secret Scanning and Dependabot).

Enable Secret Scanning and understand how to triage and remediate results.

Enable Dependabot and understand how to triage and remediate results.

 

Enable CodeQL analysis within GitHub Actions to perform static analysis for commonly used languages.

Configure GitHub Actions to trigger CodeQL analysis on both a schedule and in response to a Pull Request.

Interact effectively with the Code Scanning user interface to understand, triage and remediate reported vulnerabilities.

 

Understand how to configure CodeQL to improve the quality of results.

 

Understand how to integrate common third party tools into Code Scanning via GitHub Actions.

 

 

 

 

Why Coveros?

 

  • Developers
  • Product Security teams
  • DevSecOps teams

This engagement will consist of one session of 2 hours face-to-face time. Maximum session size is typically 20 people.

 

Questions? 929.777.8102 [email protected]
Course Outline
What is GitHub Advanced Security (GHAS)
Features of GHAS
The benefits of using GHAS
 
Securing Dependencies
Dependency Review
Dependabot & Dependency Graph
 
Secret Scanning
Using Secret Scanning
Create custom secrets
Code Scanning
Using CodeScanning
Using 3rd Party Tools with SARIF
 
CodeQL
What is CodeQL
How to Interact with CodeQL
Setting Up CodeQL GitHub Actions
 
GHAS in the Developer Flow
Related Courses
GitHub Copilot for Developers

This hands-on course helps software developers understand how to effectively incorporate Copilot into their software developer workflow.Learn more

Agile Team Facilitation

Designed for scrum masters, aspiring Agile Coaches, project or product managers, and more, this dynamic and interactive class is designed to help...Learn more

GitHub Copilot for Business Fundamentals

Learn GitHub Copilot’s Core features, business benefits, governance & controls, future roadmap, and frequently asked questions....Learn more

Bring this course to your team at your site. Contact us to learn more at 929.777.8102.

= Guaranteed to Run
Dates
Mode
Location
Price
Call to Schedule
Anytime
On-Site / Private
Your Location
Your Location
Request a Quote
Contact Us
Download Fact Sheet
Description

GitHub Advanced Security allows you to have a “developer-first” approach to Application Security, recognizing that developers have a critical role to play in securing your applications. This training will enable developers in your organization to both understand and effectively use the features of Advanced Security.

What Are You Looking For?

Team Learning

Our learning experts provide private training for teams. Start a conversation about your training needs by calling us at 929.777.8102 or filling out our team training form below.

Setup A Conversation

Individual Learning

Join one of our upcoming public learning sessions. We offer both virtual sessions and in-person training at our industry-leading software conferences.

See Upcoming Sessions

 

What You'll Learn

Understand the key components of GitHub Advanced Security (Code Scanning, Secret Scanning and Dependabot).

Enable Secret Scanning and understand how to triage and remediate results.

Enable Dependabot and understand how to triage and remediate results.

 

Enable CodeQL analysis within GitHub Actions to perform static analysis for commonly used languages.

Configure GitHub Actions to trigger CodeQL analysis on both a schedule and in response to a Pull Request.

Interact effectively with the Code Scanning user interface to understand, triage and remediate reported vulnerabilities.

 

Understand how to configure CodeQL to improve the quality of results.

 

Understand how to integrate common third party tools into Code Scanning via GitHub Actions.

 

 

 

 

Why Coveros?

 

  • Developers
  • Product Security teams
  • DevSecOps teams

This engagement will consist of one session of 2 hours face-to-face time. Maximum session size is typically 20 people.

 

Questions? 929.777.8102 [email protected]
Course Outline
What is GitHub Advanced Security (GHAS)
Features of GHAS
The benefits of using GHAS
dfdsaf
 
Securing Dependencies
Dependency Review
Dependabot & Dependency Graph
 
Secret Scanning
Using Secret Scanning
Create custom secrets
Code Scanning
Using CodeScanning
Using 3rd Party Tools with SARIF
 
CodeQL
What is CodeQL
How to Interact with CodeQL
Setting Up CodeQL GitHub Actions
 
GHAS in the Developer Flow
Class Schedule
 
 
Class Fee Includes
  • Easy course access: Attend training right from your computer and easily connect your audio via computer or phone. Easy and quick access fits todayís working style and eliminates expensive travel and long days in the classroom.
  • Live, expert instruction: Instructors are sought-after practitioners, highly-experienced in the industry who deliver a professional learning experience in real-time.
  • Valuable course materials: Courses cover the same professional content as our classroom training, and students have direct access to valuable materials.
  • Rich virtual learning environment: A variety of tools are built in to the learning platform to engage learners through dynamic delivery and to facilitate a multi-directional flow of information.
  • Hands-on exercises: An essential component to any learning experience is applying what you have learned. Using the latest technology, your instructor can provide hands-on exercises, group activities, and breakout sessions.
  • Real-time communication: Communicate real-time directly with the instructor. Ask questions, provide comments, and participate in the class discussions.
  • Peer interaction: Networking with peers has always been a valuable part of any classroom training. Live Virtual training gives you the opportunity to interact with and learn from the other attendees during breakout sessions, course lecture, and Q&A.
  • Small class size: Live Virtual courses are limited in small class size to ensure an opportunity for personal interaction.

 

Instructors
Jonathan Kauffman

Jonathan Miller Kauffman

Jonathan Miller Kauffman works as an agile software development and test consultant at Coveros. In this role, Jonathan has helped both government and commercial organizations develop and test high-quality applications, and he has gained his experience by working with healthcare, biomedical device, and research organizations. Jonathan also presents at and...Learn More

Questions?

Get in Touch Ways To Save

On-Site/Private Training

Let us bring the learning to your team at your location or in an interactive virtual classroom!
Choose from more than 50 courses.

View all courses

Combine World-Class Training and

Certification with a Conference

Maximize Your Learning Potential

STAR Conference logo

AI Con USA logo

Agile + DevOps USA logo