Securing GitHub: Protect Your Code & Access (Virtual)

Workshop date : Sep 22 2024

Topic: Securing GitHub: Protect Your Code and Access

Global Big Data Conference  is organizing full day Virtual Workshop (7hrs) on Sep 22nd 2024 - Comprehensive GitHub security – Using GitHub to protect your code, your access, your automation and more! 

Security is a fundamental concern and requirement in all aspects of software development today. And GitHub is the industry-leading collaboration platform for software development. So, it’s crucial that anyone working with/in GitHub understands how to use it securely.

Join expert technologist, trainer and author Brent Laster to survey and learn to use the controls, policies, and automation that GitHub makes available to work securely in its platform. Learn about managing access, dealing with vulnerabilities in your code or dependencies, preventing sensitive data from getting into your repositories, automatically creating needed security updates, and more! This will be a hands-on workshop so you get real experience working with the mechanisms in GitHub. All you need is a GitHub userid and a browser!

Security must be top of mind as you work in GitHub whether you are working in the public site or

in an enterprise instance. As the industry leading platform for development and collaboration,

GitHub provides a wide variety of security features and options. 

But without understanding them, it is very easy to work in GitHub in an insecure way and

expose your code and other assets to vulnerabilities. It's also necessary to be able to respond

to security issues that arise outside of your control - in your dependencies, in hacking attempts,

and in accidental misuse as others collaborate with you. This workshop will provide you with the

insight and understanding you need to be able to work in GitHub securely.

Agenda

Part 1: Introduction and Overview

Topics include:

Welcome

Workshop overview and setup

Importance of having and managing security in GitHub

Part 2: Protecting your access

Topics include:

How GitHub approaches security - user vs repositories

Securing access with tokens and keys

Hands-on lab: Securing your account - managing authentication with fine-grained personal

access tokens

Part 3: Protecting your repositories

Topics include:

Understanding repo security risks

Best practices for securing repos

Using branch protection and rulesets

Hands-on lab: Setting up branch protection and rulesets and trying it out

Part 4: Protecting your code

Topics include:

GitHub's Advanced Security offering

Scanning for vulnerabilities with CodeQL

Hands-on lab: Setting up CodeQL and responding to issues

Part 5: Protecting your credentials

Topics include

What secrets are in GitHub

Setting up and using secrets scanning

Responding to secrets scanning alerts

Hands-on lab: Setting up secret scanning for your repos and responding to alerts

Part 6: Protecting your dependencies

Topics include

Code scanning and dependency vulnerability assessments

Setting up and using Dependabot for automated dependency updates

Hands-on lab: Using Dependabot to manage your dependency vulnerabilties and updates

Wrap-up and other security topics (as time allows).

Speaker Bio

I'm Brent Laster - a global trainer and book author, DevOps director at a top technology firm, and founder and president of Tech Skills Transformations LLC. I've been working with and presenting at NFJS events for ten years now and it is always exciting and interesting.

Through my decades in programming and management,I've always tried to make time to learn and develop both technical and leadership skills and share them with others Regardless of the topic or technology, my belief is that there is no substitute for the excitement and sense of potential that come from providing others with the knowledge they need to help them accomplish their goals.

In my spare time, I hang out with my wife Anne-Marie, 4 children and a small dog in Cary, North Carolina and design trainings and write books.

NOTE: Agenda and speakers subject to change without notice

Refund Policy

No refunds will be given for cancellations.

Please note: Ticket prices are subject to increase or decrease, at the discretion of Global Big Data Conference, before and/or after you have made your purchase, and do not entitle the purchaser to a partial refund or credit.

Terms & Conditions In order to obtain a high-quality audience at the Conferences, Global Big Data Conference reserves the right to revoke any purchased tickets from an attendee without explanation.

If you have any questions concerning the event, please do not hesitate to contact [email protected] or Call 408-400-3769

Event Venue

Online