YoVDO

GitHub Advanced Security Certification - Exam Preparation Guide

Offered By: freeCodeCamp

Tags

Git Courses, GitHub Courses, Security Vulnerabilities Courses, Dependabot Courses, CodeQL Courses

Course Description

Overview

Prepare for the GitHub Advanced Security Certification exam with this comprehensive 2-hour 36-minute course. Master key concepts including Git and GitHub fundamentals, advanced security features, vulnerability identification, and robust security implementation. Explore topics such as secret scanning, dependency management, code scanning, and CodeQL. Learn best practices for integrating security into the software development lifecycle, understanding roles and responsibilities, and implementing enterprise-level security measures. Gain hands-on experience through practical follow-along sessions and in-depth explanations of GitHub Advanced Security components, use cases, and workflows. Elevate your code security expertise and validate your skills to enhance software integrity standards in your organization.

Syllabus

Introduction
Git Overview
GitHub Overview
Git Terms
GitHub Repo Overview
Git Commit Overview
Git Branch Overview
Git Remote to Downstream or Upstream
Advanced Security Overview
GHAS Enabled Plans
GitHub Security
GHAS Use Cases
GHAS Components
Taking action on Alerts
How to enable GHAS
How to enable GHAS Automatically
Which GHAS do you have
GHAS Introduction Follow Along
What is a Security Vulnerability
Types of Security Vulnerabilities
0 Day Vulnerabilities
Most Common Vulnerabilities
Finding Vulnerabilities in GitHub
GitHub Advisory Database
Secret Scanning Overview
Secret Scanning Locations
Enabling Secret Scanning
Secret Scanning Partner Program
Partner Program Use Case
Starting a Scan
Scan Running Times
Secret Scanning Follow Along
Set Ignore Follow Along
Set Notifications Follow Along
Open Source Popularity
Open Source Maintenance Problems
Dependency Graph for Open Source
Dependency Graph Examples
Dependabot Overview
Dependabot Use Case Example
Dependabot Features
Enabling Dependabot
Dependabot Licensing for Private Repos
Dependabot Private Repository Workflow
Triaging Dependabot Vulnerabilities
Dependabot Limitations
Dependabot Follow Along
Code Scanning Overview
Supported Repositories
How Code Scanning Works
Starting a Scan
Code Scanning Setup Options
Where to Implement Scanning
Code Scanning Actions
Scanning Trigger Types
Code Scanning Follow Along
Enabling Code Scanning
Third Party SARIF Files Overview
Uploading Third Party SARIF Files
Third Party SARIF File Example
Default Code Scanning
Custom Code Scanning
Code Language Detection Scanning
CodeQL Database Analysis
CodeQL Query Analysis
Types of CodeQL Queries
CodeQL Queries DeepDive
Code Query Anatomy
Code Query Suite
Types of Code Query Suites
Code Query Findings
CodeQL Packs
Code Scanning Workflow
CodeQL Partner Integrations
Workflow Priority Order
Alerts Workflow
Alerts Security Incident Example
CodeQL Follow Along
Software Development Lifecycle SDLC
SDLC Restricting Access
SDLC Security Overview
SDLC Security Policies
SDLC Secret Scanning
SDLC Security Workflow
Types of Vulnerabilities
GitHub Advisory Database
Developer Roles and Responsibilities
Security Roles and Responsibilities
Admin Roles and Responsibilities
Additional Roles and Responsibilities
Notifying Responsible Parties
Triage Workflow based on Risk Ratings
Should I purchase a GHAS License
Enabling GHAS in GitHub
Levels of Enablement
Levels of Access to Alerts
Required Level of Access
Security Overview
GHAS Logging
API Endpoints for Security


Taught by

freeCodeCamp.org
