Join our hands-on bootcamp to master GitHub Advanced Security. Learn to secure your repositories, manage dependencies, and implement code scanning. Gain practical skills to enhance your DevSecOps practices.
This bootcamp is designed to familiarize you with GitHub Advanced Security (GHAS) so that you can better understand how to use it in your own repositories. Throughout the workshop, you'll explore key features such as dependency management, code scanning, and secret scanning. By participating, you'll gain practical experience in integrating these security measures into your development workflow, ensuring your projects are secure from the ground up. Whether you're new to GHAS or looking to deepen your knowledge, this bootcamp offers valuable insights and hands-on exercises to elevate your DevSecOps practices. Join us to enhance your security posture and confidently navigate the evolving threat landscape.
canela Workshop
€50
Max. Attendees: 30
Free registration for Early Bokeron ticket holders and a discount for all others
Through interactive exercises and real-world examples, you will learn how to use GHAS to identify and mitigate security threats effectively.
Key Takeaways
Enhanced Security Posture: Integrate GHAS into your workflow to improve security.
Dependency and Code Scanning: Manage dependencies and use CodeQL to identify vulnerabilities.
Secret and Dependency Scanning: Detect and manage secrets and analyze dependencies for vulnerabilities.
Security Alert Management: Use a centralized dashboard for efficient alert management.
Practical Application: Apply knowledge through interactive exercises and real-world examples.
Target Audience
The GHAS Workshop is designed for Developers, Solution Architects, and DevOps Professionals who want to enhance their security posture and gain practical knowledge on leveraging GitHub Advanced Security.
Requirements
A laptop (Windows, Mac, or Linux)
An account on https://github.com
A text editor of your choice
The latest version of Git (optional)
Duration
4 hours with a break
Workshop Plan
Welcome and Introduction (15 min)
Securing Your Supply Chain with Dependency Management (30 min)
Learn how to manage and secure your dependencies using GHAS.
Understand the importance of dependency management in preventing supply chain attacks.
Setting up the Demo project (15 min)
Checking participants' requirements and setting up the workshop demo project
Secret Scanning (30 min)
Detect secrets like API keys, tokens, or credentials accidentally committed to your repositories.
Learn how to set up alerts and notifications to manage secret leaks effectively.
Break (15 min)
Dependency Scanning (45 min)
Analyze dependencies to identify known vulnerabilities in third-party packages.
Leverage Dependabot alerts and updates to keep dependencies secure.
Code Scanning (30 min)
Use CodeQL to identify vulnerabilities in your codebase.
CodeQL supports popular programming languages such as C#, Java, JavaScript, Python, and more.
Security Alert Management (30 min)
Use a centralized dashboard for triaging and managing security alerts.
Enable collaboration across teams to resolve issues efficiently.