Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/joshjohanning/ghas-demo2


https://github.com/joshjohanning/ghas-demo2

Last synced: 18 days ago
JSON representation

Awesome Lists containing this project

README 

        
GitHub Advanced Security Bootcamp March 2021




  Prerequisites
  Resources




> This bootcamp is designed to get you familiar with GitHub Advanced Security (GHAS) so that you can better understand how to use it in your own repositories.



## :mega: Prerequisites

To participate in the workshop you need a GitHub account and need to be invited to the workshop organization [advanced-security](https://github.com/advanced-security). If your repository hasn't been automatically created in the workshop organization, create a new project and push a copy of the `ghas-bootcamp-march-2021` project.



```bash

git clone https://github.com/advanced-security/ghas-bootcamp-march-2021.git

cd ghas-bootcamp-march-2021

git remote set-url origin https://github.com/advanced-security/ghas-bootcamp-march-2021.git

```



## :books: Resources

- [About code scanning](https://docs.github.com/en/github/finding-security-vulnerabilities-and-errors-in-your-code/about-code-scanning)

- [About dependency scanning](https://docs.github.com/en/free-pro-team@latest/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies)

- [About secret scanning](https://docs.github.com/en/github/administering-a-repository/about-secret-scanning)

- [Action events that trigger workflows](https://docs.github.com/en/free-pro-team@latest/actions/reference/events-that-trigger-workflows)

- [Configuring builds for compiled languages](

https://docs.github.com/en/free-pro-team@latest/github/finding-security-vulnerabilities-and-errors-in-your-code/configuring-the-codeql-workflow-for-compiled-languages)

- [Configuring code scanning](https://docs.github.com/en/free-pro-team@latest/github/finding-security-vulnerabilities-and-errors-in-your-code/configuring-code-scanning)

- [Configuring notifications for dependabot alerts](https://docs.github.com/en/free-pro-team@latest/github/managing-security-vulnerabilities/configuring-notifications-for-vulnerable-dependencies#configuring-notifications-for-dependabot-alerts)

- [Customizing dependency updates](https://docs.github.com/en/free-pro-team@latest/github/administering-a-repository/customizing-dependency-updates)

- [Dependency update configuration options](https://docs.github.com/en/free-pro-team@latest/github/administering-a-repository/configuration-options-for-dependency-updates)

- [Filter pattern cheat sheet](https://docs.github.com/en/free-pro-team@latest/actions/reference/workflow-syntax-for-github-actions#filter-pattern-cheat-sheet)

- [Running additional queries](

https://docs.github.com/en/free-pro-team@latest/github/finding-security-vulnerabilities-and-errors-in-your-code/configuring-code-scanning#running-additional-queries)

- [Troubleshooting code scanning workflow](https://docs.github.com/en/free-pro-team@latest/github/finding-security-vulnerabilities-and-errors-in-your-code/troubleshooting-the-codeql-workflow)

- [Code scanning API](https://docs.github.com/en/free-pro-team@latest/rest/reference/code-scanning)

- [Secret scanning API](https://docs.github.com/en/rest/reference/secret-scanning)

- [GraphQL API](https://docs.github.com/en/free-pro-team@latest/graphql)

  - [RepositoryVulnerabilityAlert](https://docs.github.com/en/free-pro-team@latest/graphql/reference/objects#repositoryvulnerabilityalert)

- [REST API](https://docs.github.com/en/free-pro-team@latest/rest)