There are 4 repositories under the advanced-security topic.
Actions for running CodeQL analysis
This bootcamp is designed to familiarize you with GitHub Advanced Security (GHAS) so that you can better understand how to use it in your own repositories.
A GitHub action for organizations that enables advanced security code scanning on all new repos
GitHub Advanced Security Pull Request Security Team required review GitHub App
GitHub Advanced Security C# Demo Application
Vulnerable Terraform Projects - Fork of https://github.com/bridgecrewio/terragoat
Integrate GoKart security static analysis to GitHub Actions
Optimize the utilization of GHAS licenses in an enterprise (or organization)
GitHub Advanced Security scanning tutorial repository for Java
A monorepo filtering workaround for GitHub Advanced Security Code Scanning using renaming of the scanning tool in an Actions workflow
OWASP iGoat (Swift) - A Damn Vulnerable Swift Application for iOS
GitHub Advanced Security Python Demo Application
A gh CLI extension to interact with secret scanning alerts for a GHEC or GHES 3.7+ enterprise, organization, or repository
Advanced Security with Docker
Fork of https://github.com/satishpatnayak/AndroGoat
GitHub Advanced Security Code Scanning demo using WebGoat, a deliberately insecure web application maintained by OWASP and designed to teach web application security lessons.
Tracking resources, materials, links and milestones for Journey to GitHub Certification
GitHub Action for submitting Maven dependencies
Use code search to populate an MRVA repo list in VSCode
Sample GitHub App which monitors and enforces rules for code scanning, Dependabot, and secret scanning alerts
Integrate CodeQL into CI/CD pipelines, using the CodeQL CLI Bundle for Automated Code Scanning
Examples of Custom Secret Scanning Patterns
A GitHub Action that sends email notifications to security manager team for any new or resolved secret scanning alerts based on a set frequency
Automatically set the CodeQL matrix job using the languages in your repository.
[deprecated] Tag SARIF to allow filtering by that tag in GitHub Advanced Security Code Scanning