Overview
Syllabus
Introduction
Git Overview
GitHub Overview
Git Terms
GitHub Repo Overview
Git Commit Overview
Git Branch Overview
Git Remote to Downstream or Upstream
Advanced Security Overview
GHAS Enabled Plans
GitHub Security
GHAS Use Cases
GHAS Components
Taking action on Alerts
How to enable GHAS
How to enable GHAS Automatically
Which GHAS do you have
GHAS Introduction Follow Along
What is a Security Vulnerability
Types of Security Vulnerabilities
0 Day Vulnerabilities
Most Common Vulnerabilities
Finding Vulnerabilities in GitHub
GitHub Advisory Database
Secret Scanning Overview
Secret Scanning Locations
Enabling Secret Scanning
Secret Scanning Partner Program
Partner Program Use Case
Starting a Scan
Scan Running Times
Secret Scanning Follow Along
Set Ignore Follow Along
Set Notifications Follow Along
Open Source Popularity
Open Source Maintenance Problems
Dependency Graph for Open Source
Dependency Graph Examples
Dependabot Overview
Dependabot Use Case Example
Dependabot Features
Enabling Dependabot
Dependabot Licensing for Private Repos
Dependabot Private Repository Workflow
Triaging Dependabot Vulnerabilities
Dependabot Limitations
Dependabot Follow Along
Code Scanning Overview
Supported Repositories
How Code Scanning Works
Starting a Scan
Code Scanning Setup Options
Where to Implement Scanning
Code Scanning Actions
Scanning Trigger Types
Code Scanning Follow Along
Enabling Code Scanning
Third Party SARIF Files Overview
Uploading Third Party SARIF Files
Third Party SARIF File Example
Default Code Scanning
Custom Code Scanning
Code Language Detection Scanning
CodeQL Database Analysis
CodeQL Query Analysis
Types of CodeQL Queries
CodeQL Queries DeepDive
Code Query Anatomy
Code Query Suite
Types of Code Query Suites
Code Query Findings
CodeQL Packs
Code Scanning Workflow
CodeQL Partner Integrations
Workflow Priority Order
Alerts Workflow
Alerts Security Incident Example
CodeQL Follow Along
Software Development Lifecycle SDLC
SDLC Restricting Access
SDLC Security Overview
SDLC Security Policies
SDLC Secret Scanning
SDLC Security Workflow
Types of Vulnerabilities
GitHub Advisory Database
Developer Roles and Responsibilities
Security Roles and Responsibilities
Admin Roles and Responsibilities
Additional Roles and Responsibilities
Notifying Responsible Parties
Triage Workflow based on Risk Ratings
Should I purchase a GHAS License
Enabling GHAS in GitHub
Levels of Enablement
Levels of Access to Alerts
Required Level of Access
Security Overview
GHAS Logging
API Endpoints for Security
Taught by
freeCodeCamp.org