Skip to content
Get 30+ hours of free content from GitHub Universe! Watch now.

GitHub Advanced Security - Rollout and Deployment Training

Overview

A successful GitHub Advanced Security rollout at scale requires careful planning and involves both technical and organizational change management. This training provides support during the planning phases by providing best practices, recommended rollout strategies and identifying common pitfalls and issues.

Offering level

Advanced [300]

Target Audience

  • Platform Team
  • Product Security teams
  • DevSecOps teams
  • GitHub administrators

Key features and benefits

  • Understand best practices for rolling out GitHub Advanced Security.
  • Learn about the technical features that help support a phased or gradual rollout of Advanced Security across your organization.
  • Explore the techniques used to achieve high compliance and high remediation rates for identified vulnerabilities, including documentation and proactive enablement via PRs.
  • Demonstration of how to enable GitHub Advanced Security on GitHub Enterprise Server.

Engagement schedule

This engagement will consist of one session of 2 hours face-to-face time. Maximum session size is typically 15 people.

Syllabus

  • Introduction
  • Enabling GitHub Advanced Security on GitHub Enterprise (if applicable)
  • Planning a rollout
    • How to avoid forseeable problems
    • Get clean vs. keep clean
    • Code Scanning:
      • CI/CD integration, leveraging automation and CodeQL query selection
    • Secret Scanning:
      • Push protection, notifications and campaigns
  • How to enable Code Scanning at scale
    • CI/CD integration strategies for CodeQL
    • Automating enablement of CodeQL
  • Supporting developers
    • Internal documentation
    • Internal communication and support
    • Education
  • How to enable Secret Scanning at scale
  • Using policies to determine which organizations can use GHAS
  • Common pitfalls & how to be successful

Learning outcomes/business outcomes

After completing this workshop participants will be able to:

  • Enable the organization to maintain a sustained and controlled rollout of GitHub Advanced Security.

Prerequisites

  • Attendees should have completed the Developer Training, or have equivalent knowledge of GHAS.

How can we help?

Let's build a customized solution that meets all of your needs.

This field is required.
Please enter a valid work email address.
This field is required.
This field is required.
For support questions, head to
github.com/contact