Protect your Code with GitHub Security Features -- Visual Studio Live!: Training Conferences and Events for Enterprise Microsoft .NET and Azure Developers

DevOps and Beyond

TH05 Protect your Code with GitHub Security Features

05/18/2023

9:30am - 10:45am

Level: Intermediate to Advanced

Rob Bos

DevOps Consultant

Xpirit

Creating modern software has a lot of moving parts. We all build on top of the shoulders of giants by leveraging closed/open source packages or containers that other people have shared. That makes securing our software a lot more complex as well!

In this session, you'll learn what possible attack vectors you need to look for, how to protect yourself against them and how to leverage GitHub's features to make your life easier!

Session Topics:

Signed Commits
Dependabot updates
Dependency scanning for known vulnerabilities
Secret scanning (and revoking) out of the box
Using CodeQL

You will learn:

Commit signing
Dependabot
Secret scanning
Code scanning using CodeQL