Скачать с ютуб GitHub Advanced Security implemented in 30 minutes в хорошем качестве

GitHub Advanced Security implemented in 30 minutes

In this session, we’ll take a deep-dive into how GitHub Enterprise can help you build faster, better, and more securely. We’ll show you how to build security into your GitHub workflow, keeping secrets and vulnerabilities out of your codebase from day one. By the end of this session you’ll know how to stay on top of vulnerabilities as they arise and be able to leverage the security community’s expertise (without compromising your code). 0:00 - Start 1:27 - Implement security in 30 minutes 3:11 - Security capabilities in the Supply Chain, in your Code and in the Development Lifecycle (DevSecOps) 4:04 - Secret Scanning in GitHub Enterprise Cloud and eliminating leaked access tokens. 7:13 - Scanning for your company specific custom tokens 11:31 - Code Scanning - Static code analysis with CodeQL 19:56 - Easing tension between Security teams and Development teams 21:39 - Giving developers actionable security alerts, not just more notifications 26:31 - Security overview - The state of security across your entire organization 28:11 - Open source vulnerability scanning and managing the dependency tree 32:45 - Dependency review - finding vulnerabilities before merging changes 34:31 - Q&A 37:06 - Dealing with novel threats and vulnerabilities https://githubuniverse.com