In this engagement we will work with a pilot or lighthouse team to help them enable GitHub Advanced Security for one or more key repositories. We'll guide you through a session to help teams enable GitHub Advanced Security features on one or more repositories. We'll collaborate on customizing the configuration for the selected repositories to improve engagement and remediation rates. We'll provide a blueprint for the team, and the wider organization, to enable GitHub Advanced Security at scale. We'll help accelerate the adoption of Advanced Security within your organization.
Team Learning
Our learning experts provide private training for teams. Start a conversation about your training needs by calling us at 929.777.8102 or filling out our team training form below.
What You'll Take Away:
✔ GitHub Advanced Security enabled on one or more repositories.
✔ Developers are able to take responsibility for enabling GitHub Advanced Security in their own repositories.
✔ A blueprint for enabling GitHub Advanced Security on further repositories in your organization.
Why Coveros?
- Developers
- Product Security Teams
- DevSecOps teams
- Must have purchased GitHub Advanced Security.
- Must have enough available GitHub Advanced Security seats to enable the selected repositories.
- Code base must be in GitHub prior to session.
- The attendees must either:
- Have administrative privilege of the selected repositories; or
- Have GitHub administrators enable GitHub Advanced Security on the selected repositories prior to the session.
- If the selected repositories reside on a GitHub Enterprise Server, then GitHub Advanced Security must be enabled in the Management Console.
- If the selected repositories contain C, C++, C#, or Java code, then the customer is expected to know the commands to successfully compile such code from a command-line interface.
- If a third-party CI/CD solution is to be used for CodeQL analysis, the third-party CI/CD solution must be available and ready for use prior to the session.
Questions? 929.777.8102 [email protected]
Discovery
This initial meeting has the goal of aligning both teams on the same goals for the engagement, in order to ensure a mutually-agreed successful outcome. In this session, we will cover:
This initial meeting has the goal of aligning both teams on the same goals for the engagement, in order to ensure a mutually-agreed successful outcome. In this session, we will cover:
- Introductions
- Discuss the process for the engagement.
- Explain the prerequisites to have any blockers eliminated prior to the Delivery session.
- Select 1-5 repositories for GitHub Advanced Security enablement.
- Schedule the Delivery and Follow-Up sessions.
Delivery
Our GitHub experts will walk through the process of enabling GitHub Advanced Security on the selected repositories.
Demonstrate the process of enabling GitHub Advanced Security and its various features
- Code scanning
- Secret Scanning
- Dependabot
- Dependency Review
Answer questions about GitHub Advanced Security.
Support troubleshooting common build failures.
Follow Up
In this session, our experts will revisit the customer’s pilot team:
- Review the selected repositories;
- Ensure that the selected repositories have been enabled or blockers to enablement have been resolved;
- Address any remaining or new questions;
- And, ultimately, provide the customer a sense of closure and resolution.
