Maintain a secure repository by using GitHub best practices

Module
6 Units

Beginner

DevOps Engineer

Administrator

Developer

Solution Architect

GitHub

Azure

In this module, you'll learn best practices for building, hosting, and maintaining a secure repository on GitHub.

Learning objectives

In this module, you will:

Identify the tools and GitHub features to establish a secure development strategy.
Enable vulnerable dependency detection for private repositories.
Detect and fix outdated dependencies with security vulnerabilities.
Automate the detection of vulnerable dependencies with Dependabot.
Add a security policy with a SECURITY.md file.
Remove a commit exposing sensitive data in a pull request.
Keep sensitive files out of your repository by applying the use of a .gitignore file.
Remove historical commits exposing sensitive data deep in your repository.

Prerequisites

A GitHub account
The ability to navigate and edit files in GitHub

Introduction min
How to maintain a secure GitHub repository min
Exercise - Add a .gitignore file min
Automated security min
Knowledge check min
Summary min