-
Notifications
You must be signed in to change notification settings - Fork 18
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
1 changed file
with
12 additions
and
19 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,28 +1,21 @@ | ||
| # GitHub Advanced Security (GHAS) and Copilot Adoption - Microsoft Reactor Series | ||
| # GitHub Advanced Security (GHAS) and Copilot Adoption - Microsoft Reactor Series | ||
|
|
||
| ## Introduction | ||
| An introduction to the workshop's goals and explaintion of the benefits of adopting GitHub's AI-powered security features. | ||
| ## Introduction | ||
| Welcome to our workshop on GitHub's AI-powered security features. In this session, we'll explore how these tools can enhance your security posture and streamline your development processes. | ||
|
|
||
| ## GHAS, Copilot and Tech Debt Reduction | ||
| Discussion on how GHAS and Copilot capabilities improve application security and reduce tech debt | ||
| Also included are a collection of exercises that guide participants through configuring and using these tools effectively. | ||
| ## GHAS, Copilot, and Tech Debt Reduction | ||
| Learn how GHAS and Copilot not only bolster your application's security but also aid in reducing technical debt. This segment includes practical exercises that will guide you through the effective setup and usage of these tools. | ||
|
|
||
| ## AI-Powered Application Security Testing and Auto-Remediation | ||
| A set of practical demonstrations of AI features that detect vulnerabilities, highlighting their importance. | ||
| Also covered is the new Autofix which is expected end of this quarter. | ||
| The demonstratino here shows how GHAS helps reduce technical debt by identifying and fixing vulnerabilities at scale. | ||
| Engage with our practical demonstrations that showcase AI-driven features capable of detecting vulnerabilities. We'll also preview the upcoming Autofix feature, which automates the remediation process, significantly cutting down on technical debt. | ||
|
|
||
| ## Hands-On Lab and Demonstrations | ||
|
|
||
| This section of the workshop includes: | ||
|
|
||
| * A step-by-step workflow focusing on "explain it, show it, and then have them do it." | ||
| * Lab exercises enabling secret scanning, Dependabot, and CodeQL, demonstrating their ease of use. | ||
| * AutoFix capabilities in a Stay Clean demo, showcasing remediation in live projects. | ||
| Experience our interactive labs which include | ||
| - A structured approach that guides you through each feature (ie explain it, show it, then do it yourself.) | ||
| - Exercises that introduce you to secret scanning, Dependabot, and CodeQL, emphasizing their user-friendliness. | ||
| - A demonstration of the AutoFix capability, which illustrates remediation in real-time. | ||
|
|
||
| ## Code-to-Cloud Security with GitHub and Microsoft Defender for Cloud | ||
| Here we discuss the strategic rollout of GHAS with Microsoft Defender for Cloud. | ||
| A demonstratino of Azure Function app hook integration is also provided | ||
| The goal here is to illustrate synergy between these services for comprehensive code-to-cloud security. | ||
|
|
||
| This section delves into the strategic integration of GHAS with Microsoft Defender for Cloud. You'll see a live demonstration of how to connect an Azure Function app, showcasing the seamless synergy between these services for end-to-end security. | ||
|
|
||
| Remember, this workshop is designed to be interactive, so you'll get the chance to apply what you learn immediately. We look forward to guiding you through these powerful tools and techniques that will enhance your security and development efforts. |