What you'll learn

Security risks like secret leaks and dependency vulnerabilities are rising in modern software projects. In this course, Foundations of GitHub Security (GH-500), you'll gain practical skills that serve two goals: passing the GH-500 certification exam and making informed decisions about GHAS adoption.

First, you'll explore common security threats targeting GitHub repositories and understand how vulnerabilities arise throughout the SDLC. Next, you'll examine GitHub's built-in security features available without GHAS licensing, including branch protection and Dependabot alerts. Then, you'll dive into the three pillars of GHAS: Code Scanning, Secret Scanning, and Dependency Review.

The enhanced V5 module covers Security Overview—the single-pane-of-glass for organization-wide security visibility—and helps you understand role-based alert access and the free vs. licensed feature matrix.

When you're finished with this course, you'll have both the conceptual knowledge for GH-500 Domain 1 (15% of exam weight) and the practical foundation to evaluate and implement GHAS in your organization.