GH-500T00: GitHub Advanced Security

Course: 2034

Use GitHub Advanced Security features in real development environments. The course review should reinforce Secret Protection, push protection, Dependabot, dependency review, SBOMs, CodeQL, code scanning, SARIF, security overview, security policies, repository rulesets, alert triage, remediation, and administration.

Download PDF
  • Duration: 1 day
  • Price:
Get This Course
Scroll to view additional course dates

Reserve Your Seat

  • Virtual instructor Led Training
  • Complete Hands-on Labs
  • Softcopy of Courseware
  • Learning Labs
  • Virtual instructor Led Training
  • Complete Hands-on Labs
  • Softcopy of Courseware
  • Learning Labs
  • You can use your Purchase Card and checkout
  • The GSA Contract Number: 47QTCA20D000D
  • Call 800-453-5961 for details
  • Customize your class
  • Delivery Onsite or Online for your organization
  • Choice of Dates when and where you want
  • Guidance in choosing and customizing your class

Question About this Course?

GH-500T00 GitHub Advanced Security
GH-500T00 GitHub Advanced Security

GH-500  GitHub Advanced Security

GH-500T00: GitHub Advanced Security is an instructor-led course for security professionals, developers, DevOps engineers, administrators, and platform teams who want to implement advanced security practices with GitHub Advanced Security.

Students learn how GitHub Advanced Security helps protect code, secrets, and software supply chains before code reaches production. The course covers Secret Protection, code scanning, CodeQL, supply chain security, Dependabot, dependency review, security policies, repository rulesets, alert triage, remediation, and enterprise administration.

Certification: GitHub Advanced Security
Exam: GH-500: GitHub Advanced Security

Why Choose Dynamics Edge for GH-500T00 training?

Dynamics Edge delivers GH-500 training with practical GitHub Advanced Security examples, hands-on exercises, certification review, and implementation-focused discussion. The course helps students understand how to shift security left while improving visibility, governance, remediation, and developer adoption.

  • Learn how GitHub Advanced Security protects code, dependencies, and secrets across the software development lifecycle.
  • Practice Secret Protection, push protection, Dependabot, dependency review, code scanning, CodeQL, and security policy configuration.
  • Prepare for GH-500 exam objectives through structured review and hands-on lab reinforcement.
  • Understand enterprise, organization, and repository-level security administration.
  • Request private team delivery for secure development, DevSecOps adoption, GitHub governance, supply chain security, or application security modernization.

What will you learn in GH-500T00 training?

Students learn how to configure and use GitHub Advanced Security to detect, prevent, prioritize, and remediate security risks in repositories and organizations.

  • Describe GitHub Security suites, GitHub Advanced Security features, and the role of GHAS in secure software development.
  • Configure Secret Protection, secret scanning, push protection, validity checks, alert review, and custom secret patterns.
  • Configure supply chain security, dependency graph, Dependabot alerts, Dependabot security updates, version updates, SBOMs, and dependency review.
  • Configure Code Security with code scanning, CodeQL, SARIF uploads, custom queries, query suites, and language matrices.
  • Administer GitHub security policies, repository rulesets, permissions, alert workflows, audit logs, and remediation practices.

Course Outline GitHub Advanced Security GH-500

Module 1: Introduction to GitHub Advanced Security

Students learn the role of GitHub Advanced Security in the security ecosystem. They review how Secret Protection, Code Security, supply chain security, Dependabot, and dependency review help integrate security into the software development lifecycle.

Topics include:

  • Define GitHub Advanced Security and its core features.
  • Describe Secret Protection, Code Security, and supply chain security.
  • Explain how GHAS supports secure SDLC practices.
  • Understand prevention-first security compared with gate-based security.
  • Identify how GHAS improves visibility, remediation, and developer workflow.

Module 2: Configure Dependabot security updates on your GitHub repo

Students learn how GitHub helps manage vulnerable dependencies and supply chain risk. They review the dependency graph, GitHub Advisory Database, Dependabot alerts, security updates, version updates, auto-triage, dependency review, and SBOM concepts.

Topics include:

  • View repository dependencies by using the dependency graph.
  • Review Dependabot alerts and GitHub Advisory Database information.
  • Enable Dependabot security updates and version updates.
  • Configure Dependabot notifications, reports, and auto-triage rules.
  • Use dependency review to evaluate dependency changes in pull requests.

Module 3: Configure and use secret scanning in your GitHub repository

Students learn how Secret Protection helps detect and prevent exposed secrets. They review secret scanning, push protection, validity checks, alert filtering, alert remediation, alert recipients, exclusions, bypass permissions, and custom patterns.

Topics include:

  • Enable secret scanning at repository and organization levels.
  • Enable push protection to prevent secrets before commit.
  • Review and filter secret scanning alerts.
  • Configure alert recipients, exclusions, and bypass behavior.
  • Create and manage custom secret patterns.

Module 4: Configure code scanning on GitHub

Students learn how code scanning identifies vulnerabilities and coding errors in repositories. They review CodeQL, third-party tools, SARIF uploads, workflow templates, scan frequency, pull request checks, severity levels, alert triage, and remediation.

Topics include:

  • Enable code scanning with CodeQL.
  • Configure code scanning with GitHub Actions.
  • Upload SARIF results from third-party tools.
  • Configure pull request checks and scan frequency.
  • Review, dismiss, and remediate code scanning alerts.

Module 5: Identify security vulnerabilities in your codebase by using CodeQL

Students learn how CodeQL analyzes code as data to identify security vulnerabilities. They review CodeQL databases, CodeQL CLI, query execution, alert queries, path queries, data-flow analysis, query results, and troubleshooting.

Topics include:

  • Prepare a CodeQL database.
  • Run CodeQL queries against a database.
  • Understand alert queries and path queries.
  • Interpret CodeQL results and data-flow paths.
  • Troubleshoot CodeQL analysis and performance issues.

Module 6: Code scanning with GitHub CodeQL

Students learn how CodeQL works with GitHub code scanning. They review default setup, advanced setup, custom configuration files, query packs, individual query references, language matrices, build modes, and CodeQL CLI support.

Topics include:

  • Configure default and advanced CodeQL setup.
  • Reference additional CodeQL queries in a workflow.
  • Use custom CodeQL configuration files.
  • Configure a CodeQL language matrix.
  • Customize analyzed languages, build mode, and query suites.

Module 7: GitHub administration for GitHub Advanced Security

Students learn how administrators roll out and manage GitHub Advanced Security across repositories, organizations, and enterprises. They review enablement, policies, security overview, permissions, GITHUB_TOKEN permissions, and cross-organizational visibility.

Topics include:

  • Enable GitHub Advanced Security features.
  • Configure enterprise and organization security policies.
  • Use Security Overview for visibility and prioritization.
  • Manage alert permissions and security roles.
  • Apply least privilege to GITHUB_TOKEN permissions.

Module 8: Manage sensitive data and security policies within GitHub

Students learn how to protect sensitive data and enforce secure repository practices. They review security policies, repository rulesets, security advisories, audit logs, permissions, and Git history cleanup.

Topics include:

  • Create security policies and security documentation.
  • Configure repository rulesets and branch protection.
  • Create and manage security advisories.
  • Review security-related audit logs.
  • Remove sensitive data from Git history and prevent future exposure.

Hands-on labs

The GH-500 labs support hands-on practice for GitHub Advanced Security users, administrators, developers, and security teams. This single consolidated lab list is based on the exercise topics found in the GH-500 PowerPoint notes and slides.

  • Lab 1: Explore GitHub Advanced Security features and the GHAS security ecosystem.
  • Lab 2: Review repository security posture by using security overview and repository security settings.
  • Lab 3: View repository dependencies by using the dependency graph.
  • Lab 4: Review Dependabot alerts and GitHub Advisory Database vulnerability information.
  • Lab 5: Enable Dependabot security updates.
  • Lab 6: Enable Dependabot version updates.
  • Lab 7: Configure Dependabot notifications, reports, and auto-triage rules.
  • Lab 8: Use dependency review to evaluate dependency changes in pull requests.
  • Lab 9: Enable secret scanning for a repository.
  • Lab 10: Identify secrets stored in a repository and review secret scanning alerts.
  • Lab 11: Enable push protection to stop secrets before they are committed.
  • Lab 12: Configure secret scanning alert handling, validity checks, recipients, exclusions, and bypass behavior.
  • Lab 13: Enable code scanning with CodeQL.
  • Lab 14: Identify SQL injection vulnerabilities with CodeQL code scanning.
  • Lab 15: Configure a secure software development pipeline with code scanning checks.
  • Lab 16: Upload and review SARIF results from third-party code scanning tools.
  • Lab 17: Reference a CodeQL query in a CodeQL workflow.
  • Lab 18: Configure a CodeQL custom configuration file and query suite.
  • Lab 19: Configure a CodeQL language matrix for multi-language code scanning.
  • Lab 20: Remove sensitive data from Git history with BFG Repo-Cleaner and prevent future accidental commits with .gitignore.

Certification alignment

This course supports preparation for Exam GH-500: GitHub Advanced Security. The exam validates the ability to configure and use GitHub Security suites, Secret Protection, supply chain security, Code Security, security operations, and GHAS administration.

GH-500 skills measured

  • Describe GitHub Security suites, features, and ecosystem.
  • Configure and use Secret Protection.
  • Configure and use supply chain security.
  • Configure and use Code Security.
  • Apply security operations, prioritization, and remediation.
  • Administer GitHub Security suites.

Course review

Students should leave the course able to configure and use GitHub Advanced Security features in real development environments. The course review should reinforce Secret Protection, push protection, Dependabot, dependency review, SBOMs, CodeQL, code scanning, SARIF, security overview, security policies, repository rulesets, alert triage, remediation, and administration.

Certification exam review

Exam review should focus on scenario-based GHAS configuration, alert response, prevention-first security, and administration. Priority review areas should include Secret Protection, push protection, validity checks, custom secret patterns, Dependabot alerts, dependency graph, dependency review, security campaigns, CodeQL setup, custom queries, SARIF ingestion, code scanning alerts, repository rulesets, security overview, GITHUB_TOKEN permissions, audit logs, and Git history cleanup.

Question About this Course?

Need help picking the right course?

Contact Us

Call Now

Call Now800-453-5961