Overview
Explore GitHub's security features to protect your code in this comprehensive conference talk from GOTO Aarhus 2023. Learn about signed commits, Dependabot updates, dependency scanning for vulnerabilities, secret scanning, and CodeQL. Discover how to identify potential attack vectors and leverage GitHub's tools to enhance your software security. Through demonstrations and explanations, gain practical insights into implementing these features to safeguard your projects and streamline your development process.
Syllabus
Intro
Agenda
Commit signing
Demo
Commit signing
Dependabot
Demo
Dependabot
Security alerts on dependencies
Demo
Security alerts on dependencies
Secret scanning
Demo
CodeQL
Demo
Outro
Taught by
GOTO Conferences