Weekend Project: Github Adv... Security
It will help you stand out
Last Week: What actually is Kubernetes? 📦
Next Week: Q&A 📢
This Week: Security Project: GitHub Advance Security
A Project you can do 🫵
That no one else is doing 🛑
That’s going to help you stand out as a Junior Cloud Security Engineer? ☁️⚔️
Chances are the above statement resonates with you, if so…. You’re in the right place.
GitHub Advance Security
…is set of process and features from GitHub that allow you as a security engineer to help developers in writing and deploying secure code, all while trying not to block their current deployment methods. You want to get into the headspace of thinking how can I help developers to ship secure products without causing bottlenecks and production deployment delays.
I think if you’re just getting started being able to say to an employer you already have experience with real world things like GHAS is an incredible starting place.
There’s also a cert you can get here, if that’s your sort of thing.
As you might image GHAS takes place mainly on the GitHub UI (it can be configured programmatically) so If you’ve never used GitHub you might want to start here instead: GitHub Starter Project
What’s covered:
GHAS: How to Enable?
Secret Scanning: What + How?
Code Scanning: What + How?
Dependabot: What + How?
Enabling GHAS
Before we can use any GHAS features, we need to enable it. In your org, next to enterprises (Make these if you don’t have them, you can delete after), go to Advance Security > Configurations
…The rest is for members of the Cyber Notes Community 🚀
Sneak Preview
Keep reading with a 7-day free trial
Subscribe to Cyber Notes to keep reading this post and get 7 days of free access to the full post archives.