Modern Software Engineering

VSTH07 Shift-Left with DevOps-Better Security Starts with You and Great Tools


9:30am - 10:45am

Level: Intermediate

Brian A. Randell

Staff Developer Advocate


In today's fast-paced software development landscape, security can no longer be an afterthought. As a developer, you play a crucial role in ensuring the security of your applications from the very beginning of the development process. In this session, we'll explore the concept of "shift-left" security and how it can be implemented effectively using DevOps practices and powerful tools like GitHub Advanced Security.

Join Brian as he emphasizes the importance of making security everyone's responsibility within the development team. He'll discuss how integrating security earlier in the development lifecycle can help identify and mitigate potential vulnerabilities before they become costly and time-consuming to fix.

Throughout the session, Brian will showcase the features and benefits of GitHub Advanced Security, including both its free and paid components. You'll learn how to leverage these tools to enhance your security posture, whether you're working as an individual contributor or as part of an enterprise development team.

The session will include live demonstrations that will walk you through the process of implementing GitHub Advanced Security.

By the end of this session, you'll have a solid understanding of how to adopt a shift-left approach to security using DevOps practices and GitHub Advanced Security. You'll be empowered to take proactive steps in securing your applications, collaborating with your team to create a culture of security consciousness, and leveraging the right tools to streamline your security efforts.

Whether you're a seasoned developer or just starting your career, this session is perfect for anyone looking to level up their security skills and contribute to building more secure applications. Don't miss this opportunity to learn how to make security an integral part of your development process with GitHub Advanced Security.

You will learn:

  • Enable and configure code scanning to automatically identify potential security issues in your codebase
  • Set up secret scanning to prevent sensitive information from being accidentally exposed in your repositories
  • Utilize dependency reviews to identify and manage vulnerabilities in your project's dependencies
  • Integrate security alerts and notifications into your development workflow to ensure prompt action on potential threats