GH-500T00 – GitHub Advanced Security
Course Overview
GH-500: GitHub Advanced Security
Course Description
Secure your software supply chain and protect your code from development to deployment with GH-500: GitHub Advanced Security. This expert-led course provides a deep dive into GitHub Advanced Security (GHAS) capabilities, equipping development, security, and DevSecOps teams with the tools to proactively detect vulnerabilities, enforce secure coding practices, and integrate security throughout the DevOps lifecycle.
Learn how to use Code Scanning, Secret Scanning, and Dependency Review effectively, manage security policies across repositories, and leverage GitHub-native security intelligence to strengthen application security posture at scale. Whether you're building open-source software or managing an enterprise repository, this course empowers you to shift security left using GitHub's powerful ecosystem.
Audience Profile
This course is ideal for:
Security engineers and DevSecOps professionals focused on securing application code and pipelines
Software developers and technical leads looking to embed security practices into GitHub workflows
Platform engineers and GitHub administrators responsible for managing security policies across repositories
Compliance managers and IT risk professionals working in regulated industries
Familiarity with GitHub, CI/CD concepts, and basic security principles is recommended.
Course Outline
Module 1: Introduction to GitHub Advanced Security
Overview of GitHub Advanced Security features and licensing
Understanding secure software development practices with GitHub
Positioning GHAS in the DevSecOps toolchain
Module 2: Enabling and Configuring GitHub Advanced Security
Enabling GHAS features across organizations and repositories
Managing GitHub security policies and permissions
Integrating GHAS with GitHub Enterprise and GitHub Actions
Module 3: Code Scanning with GitHub
Setting up code scanning workflows using CodeQL and GitHub Actions
Understanding security alerts and interpreting scan results
Customizing queries and maintaining secure code through automation
Module 4: Secret Scanning and Push Protection
Protecting against credential leaks with GitHub Secret Scanning
Activating push protection to block secrets before they reach your codebase
Managing custom patterns and remediation workflows
Module 5: Dependency Management and Supply Chain Security
Leveraging Dependency Graph, Dependabot alerts, and updates
Reviewing vulnerabilities and software bill of materials (SBOM)
Conducting secure dependency reviews and licensing checks
Module 6: Security Reporting, Compliance, and Best Practices
Generating reports and monitoring security health across projects
Integrating GitHub security with external SIEM or ticketing systems
Governance, audit readiness, and security automation strategies
Hands-on Experience
This course is approximately 40% to 50% hands-on, allowing participants to explore real-world scenarios with GitHub Advanced Security features, configure secure workflows, and apply automated threat detection in live GitHub environments.
Ready to Get Started?
Join thousands of professionals who have advanced their careers with our training programs.
Join Scheduled Training
Find upcoming sessions for this course and register for instructor-led training with other professionals.
View ScheduleCustom Training Solution
Need training for your team? We'll create a customized program that fits your organization's specific needs.
Get Custom Quote