Security doesn't have to be hard - especially when it's built into your DevOps platform! In this session, you'll see what tools are available in the GitHub Advanced Security suite and how you can "shift left" on security. See how Dependabot automatically scans your repos to detect vulnerabilities in your package dependencies. You'll also see how to create a custom CodeQL query and how you can integrate custom queries into your CI/CD pipelines.
You will learn:
- About GitHub Advanced Security tooling
- How to configure Dependabot dependency scanning
- How to integrate CodeQL scans into your Actions workflows