GitHub Advanced Security Certification Prep

Topic 1 Introduction to GitHub Advanced Security

• Define GHAS and the importance of its integral features
• How to utilize GHAS to get the most impact
• Understand GHAS and its role in the security ecosystem

Topic 2 Configure Dependabot security updates on your GitHub repo

• Manage your dependencies on GitHub
• Dependabot alerts
• Dependabot security updates
• Manage Dependabot notifications and reports
• Dependency review
• Configure Dependabot security updates

Topic 3 Configure and use secret scanning in your GitHub repository

• What is secret scanning?
• Configure secret scanning
• Use secret scanning

Topic 4 Configure code scanning on GitHub

• What is code scanning?
• Enable code scanning with third party tools
• Configure code scanning
• Configure code scanning exercise

Topic 5 Identify security vulnerabilities in your codebase by using CodeQL

• Prepare a database for CodeQL
• Run CodeQL in a database
• Understand CodeQL results
• Troubleshoot CodeQL results

Topic 6 Code scanning with GitHub CodeQL

• What is CodeQL?
• How does CodeQL analyze code?
• What is QL?
• Code scanning and CodeQL
• Customize your code scanning workflow with CodeQL - Part 1
• Reference a CodeQL query
• Customize your code scanning workflow with CodeQL - Part 2
• Use the CodeQL CLI
• Customize languages and builds for code scanning
• Configure a CodeQL language matrix

Topic 7 GitHub administration for GitHub Advanced Security

• What is GitHub Advanced Security?
• Enable GitHub Advanced Security
• Manage access to GitHub Advanced Security
• Manage the GitHub Advanced Security features and alerts

Topic 8 Manage sensitive data and security policies within GitHub

• Setting security policies
• Create and manage repository rulesets
• Reporting and logging

• DevOps Engineer
• Security Engineer
• Software Developer
• Application Security Analyst
• Security Consultant
• GitHub Administrator
• Cybersecurity Specialist
• Vulnerability Analyst
• Cloud Security Engineer
• IT Security Manager
• Systems Administrator
• Network Security Engineer
• Penetration Tester
• Compliance Analyst
• Secure Code Developer
• Security Architect
• QA Engineer with Security Focus
• Software Security Tester
• Technical Support Engineer
• Security Operations Analyst

Ajay B :  Ajay is a ACLP certied trainer. Ajay is a vendor neutral cloud consultant and training expert on Cloud , with several Private cloud deployments in India and cloud migration knowledge .He is a Cloud and DevOps enthusiast with consulting, deployment and training expertise on OpenStack, AWS, Google Cloud ,Azure, Jenkins, and Docker

Ajay has 18 + years Industry experience as IT entrepreneur and 9 years in Cloud and Devops technical consulting, implementation and training area, currently working in capacity of Vice President – Cloud and Devops services handling singapore and India

Anil Bidari: Anil  is a ACLP certified trainer. He is an Enterprise Cloud and DevOps Consultant , responsible for  helping clients to move Virtual data centre to Private Cloud based on OpenStack and Public Cloud ( AWS, Azure and Google cloud) . Consulting and training experience on Devops tool chain like github , Jenkins, Sonarqube, Docker & kubernetes, Cloud foundry, Openshift, Ansible and SaltStack. Lot of my Role is involved design and implementation of a solution and training