DevOps with GitHub and Azure: Implementing Software Supply Chain Security with GitHub
Offered By: Pluralsight
Course Description
Overview
Implementing Software Supply Chain Security can be challenging. In this course, you will learn how to improve code security with GitHub.
One of the most important aspects of software delivery is security. In the era of open-source projects, it is challenging and not easy to control every vulnerability and make sure that our solution does not use the package with serious vulnerabilities. The threat today to supply chain security is unpatched software. In this course, DevOps with GitHub and Azure: Implementing software supply chain security with GitHub, you will learn about tools for software supply chain security available on GitHub. First, you will understand what software supply chain security is and why it is important to not leave security as the last step of software delivery. Then, you will explore the configuration of Dependabot to automate keeping updated dependencies used in the project and how to add security static code analysis to an Actions workflow. Finally, you will explore how to add License scanning to an Actions workflow to protect against specific license types in used OSS packages. By the end of this course, you will have a clear overview of how to implement software supply chain security with GitHub, and how to maintain a secure repository by using GitHub best practices.
One of the most important aspects of software delivery is security. In the era of open-source projects, it is challenging and not easy to control every vulnerability and make sure that our solution does not use the package with serious vulnerabilities. The threat today to supply chain security is unpatched software. In this course, DevOps with GitHub and Azure: Implementing software supply chain security with GitHub, you will learn about tools for software supply chain security available on GitHub. First, you will understand what software supply chain security is and why it is important to not leave security as the last step of software delivery. Then, you will explore the configuration of Dependabot to automate keeping updated dependencies used in the project and how to add security static code analysis to an Actions workflow. Finally, you will explore how to add License scanning to an Actions workflow to protect against specific license types in used OSS packages. By the end of this course, you will have a clear overview of how to implement software supply chain security with GitHub, and how to maintain a secure repository by using GitHub best practices.
Syllabus
- Course Overview 1min
- Software Supply Chain Security 25mins
- Enhanced Security with GitHub Actions 28mins
Taught by
Daniel Krzyczkowski
Related Courses
Secure Android App DevelopmentUniversity of Southampton via FutureLearn DevSecOps: Building a Secure Continuous Delivery Pipeline
LinkedIn Learning Microsoft DevOps Solutions: Developing Security and Compliance
Pluralsight Using Security Analysis Tools to Protect ASP.NET and ASP.NET Core Applications
Pluralsight Maintaining Code Quality with TeamCity
Pluralsight