- Course
Prevent Secret Exposure with Secret Scanning (GH-500)
Prevent credential exposure with GitHub secret scanning, push protection, and validity checks. Essential for GH-500 Domain 2 and production security teams.
This course is included in the libraries shown below:
- Core Tech
What you'll learn
Exposed credentials in your codebase create easily exploitable attack vectors — attackers scan GitHub constantly for leaked secrets. In this course, Prevent Secret Exposure with Secret Scanning (GH-500), you'll gain practical skills that serve two goals: passing the GH-500 certification exam and preventing credential exposure in production.
First, you'll explore the risks of exposed secrets through real-world breach scenarios and understand why secrets persist in Git history even after deletion. Next, you'll discover how to enable and configure secret scanning to detect 200+ partner secret patterns automatically. Then, you'll create custom patterns for your organization's proprietary credentials and integrate scanning into your development workflow.
Finally, you'll dive deep into push protection, the "shift-left" approach that blocks secrets before they're committed, and validity checks that help you prioritize remediation for still-active credentials. You'll also master alert visibility configuration to ensure the right people are notified.
When you're finished with this course, you'll have both the conceptual knowledge for GH-500 Domain 2 (15% of exam weight) and the hands-on skills to dramatically reduce your organization's credential exposure risk.