GH-500 GitHub Advanced Security

Price
Net €
VAT €

Price
Price on Request

Duration
1 day

For companies and job seekers:
this course is 100% fundable!

Location

Course Language
English

Training Solutions
Online Live

Request a consultation Add to favorites Print as PDF

Secure software development is rapidly gaining importance. Modern development processes require transparency, automation, and robust security mechanisms throughout the entire code lifecycle.

Key topics

Security analysis of source code and dependencies.
Automated detection of vulnerabilities and secrets.
Securing CI/CD pipelines.
Governance, policies, and compliance in the development process.
Integration of security checks into modern DevOps workflows.

Prerequisites
Basic knowledge of software development, version control with Git, and an understanding of common development and build processes are required.

Target audience
Suitable for software developers, DevOps roles, security managers, and technical professionals who integrate security aspects into development processes.

The content taught helps to systematically strengthen code quality and security and to make modern development environments resilient, efficient, and sustainable.

Print as PDF

Course content

Advanced protection features

GHAS: Scans for secrets, code, dependencies
Using GHAS to improve security
Understanding GHAS in the security context

Automatic security updates

Managing risks in dependencies
Control warnings with Dependabot
Clarify rights for security notices
Enable auto-updates
Fix vulnerabilities
Get security information via GraphQL
Customize warning messages

Repository review

Details of the covert inspection
Settings for the hidden scan
Use hidden scan

GitHub Code Explorer

Explain code scanning.
Steps for activation in a repository.
Integrate third-party analysis.
GitHub Actions vs. third-party analysis.
Explaining CI tools.
Configuring code scanning with events.
Scheduled vs. event-driven workflows.

Code security issues

Create a database with CodeQL
Using CodeQL for error and security analysis
Evaluate results with queries

Code review with CodeQL

Understanding CodeQL analysis and how it works
Understanding the logical programming language QL
Setting up CodeQL scanning in the GitHub repository
Integrating your own CodeQL queries
Customize the language matrix in the CodeQL workflow
Using CodeQL CLI for scans and uploads to GitHub
Implement your own build steps

GitHub Advanced Security

Using GitHub Advanced Security in the development process
Recognize differences between open source and enterprise products
Enabling features in enterprise products
Set access rights and permissions
Define security policies
Process security alerts
Monitor security alerts
Use API endpoints for administration

GitHub Privacy Policy

Information for employees
Set permissions
Automating processes
Respond to incidents

Your training will be 100% funded

Our funding schemes are available exclusively to participants who live or work in Germany. Funding is not available outside Germany.

For career starters, job seekers, career changers, startups, experienced professionals, those looking to advance their careers, specialists, etc.

The QCG program for everyone in the company

Further information

The education voucher for all job seekers

Further information

Frequently asked questions

What is GitHub Advanced Security and what is it used for?

GitHub Advanced Security is an extension of GitHub Enterprise. It offers powerful features such as code scanning, secret scanning, and dependency monitoring—for greater security throughout the DevSecOps process.

What content does the GH-500 GitHub Advanced Security Training cover?

The training provides practical examples of how GitHub security features can be integrated: from code analysis and secrets management to secure dependency management.

Who is the GH-500 training particularly suitable for?

The training is aimed at developers, DevOps teams, security officers, and IT administrators who want to use GitHub securely and automate security processes.

What advantages does GitHub Advanced Security offer businesses?

Companies benefit from automated vulnerability scans, efficient code debugging, and a consistently secure software development process.

What are the requirements for GH-500 training?

Basic knowledge of GitHub and an understanding of software development and security principles are recommended in order to be able to apply the content quickly.

What tools and functions are used in the course?