Skip to content
Expert Services
Contact Experts

GitHub supply chain security training

Overview

In this interactive training session, GitHub’s experts guide participants through practical labs and exercises, enabling engineers to immediately apply GitHub supply chain security products and features within their repositories.

Participants gain hands-on experience on how to leverage Dependency Graph, Dependabot, Security Advisories, Artifact Attestations, Software Bill of Materials (SBOM), empowering them to proactively secure their software supply chain.

Topics

  • Understanding and visualizing software dependencies with Dependency Graph and Insights
  • Utilizing Dependabot Alerts and Security Updates to manage vulnerabilities
  • Creating and managing Security Advisories and Policies
  • Generating and submitting Software Bill of Materials (SBOM)
  • Implementing Artifact Attestations for provenance and build integrity

Customer benefits

The offering will help customers:

  • Improve transparency and management of software dependencies
  • Proactively identify and remediate vulnerabilities within the software supply chain
  • Establish secure software development practices through clear security policies and advisories
  • Ensure integrity and provenance of software builds through artifact attestations

Learning objectives

After completing this training, learners will be able to:

  • Visualize and analyze software dependencies using GitHub’s Dependency Graph and Insights
  • Configure Dependabot for automated vulnerability detection and remediation
  • Draft and manage Security Policies and Advisories effectively
  • Create and utilize Software Bill of Materials (SBOM) to maintain accurate software inventory

Audience

Required:

  • Application security teams
  • Security champions

Optional:

  • Influential senior developers and leaders

Delivery details

  • Level: Intermediate [200]
  • Offering type: Training
  • Format: Remote
  • Class size: 16 participants maximum

Customer prerequisites

Before this training, the customer needs to have in place:

  • GitHub Enterprise licenses
  • Each attendee should have an active GitHub.com account (NOT their EMU or GHES account)

How can we help?

Let's build a customized solution that meets all of your needs.

This field is required.
Please enter a valid work email address.
This field is required.
This field is required.
For support questions, head to
github.com/contact
Back to catalog listing