Program Outline
GitHub Advanced Security
GitHub Advanced Security (GHAS) plays a crucial role in enhancing the security posture of software development projects on GitHub. It provides a comprehensive set of tools and features designed to identify and address security vulnerabilities throughout the development lifecycle. By integrating security directly into the development process with GHAS, your team can build more secure and reliable software. The course will explore how to utilize GHAS to maximize security impact and understand GHAS and its role in the security ecosystem.
Delivery
Virtual, On-site, or Hybrid
Duration
1 day
Product
GitHub
Role
Administrator
Microsoft
DevopsGitHub Advanced Security
Github
Best Fit
Audience Profile
Who This Program Is For
This course in intended for students who want to understand and implement advanced security practices with the help of GitHub Advanced Security (GHAS). They will learn how to significantly enhance software development processes and create a more resilient and secure development ecosystem using developer-first solutions to unlock the ability to keep code, supply chain, and secrets secure before you push to production. They will learn how GHAS gives security teams visibility into the cross-organizational security posture and supply chain and unparalleled access to curated security intelligence from millions of developers and security researchers around the world.
Overview
Program Summary
Candidates for this exam have experience using GitHub Advanced Security (GHAS) to secure code, secrets, and dependencies across the software development lifecycle.
Course Outline
Complete Module Sequence
Review the full module sequence for this program, including the primary topic coverage in each module where available.
1Module 1
GitHub Advanced Security Part 1 of 2
+
Module 1
GitHub Advanced Security Part 1 of 2
Learn how to secure your code with advanced security features at every stage of your development lifecycle. GitHub Advanced Security is an add-on to GitHub Enterprise that allows you to use security features, such as secret scanning, code scanning, and dependency management on your private repositories.
- Introduction to GitHub Advanced Security
- Configure Dependabot security updates on your GitHub repo
- Configure and use secret scanning in your GitHub repository
- Configure code scanning on GitHub
2Module 2
GitHub Advanced Security Part 2 of 2
+
Module 2
GitHub Advanced Security Part 2 of 2
Learn how to secure your code with advanced security features at every stage of your development lifecycle. GitHub Advanced Security is an add-on to GitHub Enterprise that allows you to use security features, such as secret scanning, code scanning, and dependency management on your private repositories. This is the second learning path out of two learning paths of GHAS.
- Identify security vulnerabilities in your codebase by using CodeQL
- Code scanning with GitHub CodeQL
- GitHub administration for GitHub Advanced Security
- Manage sensitive data and security policies within GitHub
Coverage Areas
Topic Coverage
Coverage Item 1
Domain 1: Describe GitHub Security Suites, Features, and Ecosystem (15-20%)
Coverage Item 2
Domain 2: Configure and Use Secret Protection (formerly secret scanning) (15-20%)
Coverage Item 3
Domain 3: Configure and Use Supply Chain Security (formerly Dependabot/Dependency Review) (15-20%)
Coverage Item 4
Domain 4: Configure and Use Code Security (formerly Code Scanning with CodeQL) (10-15%)
Coverage Item 5
Domain 5: Security Operations: Best Practices, Prioritization, and Remediation (15-20%)
Coverage Item 6
Domain 6: GitHub Security Suites Administration (10-15%)
Customization
Adapt This Program for Your Team
We can adapt this program around your team structure, platform priorities, delivery goals, and the scenarios your people need to work through in practice.
- •Align labs to your Microsoft tenant and workload scenarios
- •Add readiness checks and exam preparation reviews
- •Extend delivery with role-specific implementation workshops
