GitHub Advance Security (GHAS) Training

.NET / Blazor-focused prep site
Level 300 prep • GHAS • CodeQL • .NET / Blazor

GitHub Advanced Security Training Website

Use this site to prep your team for Microsoft’s Level 300 GHAS class, with a focus on C#, .NET, and Blazor. It includes account setup steps, feature overviews, labs, and an intentionally vulnerable .NET playground repo.

What you’ll learn

  • How GHAS fits into a modern DevSecOps pipeline for .NET teams
  • How CodeQL finds vulnerabilities (and how to triage alerts)
  • How to use Dependabot and dependency review effectively
  • How secret scanning helps prevent credential leaks
  • How to practice safely using an intentionally vulnerable .NET playground repo

Recommended path

  1. Create a GitHub account and access GitHub
  2. Understand GHAS features and terminology
  3. Push the .NET playground repo and run CodeQL
  4. Complete the lab manual exercises

Key focus areas (Level 300)

Code ScanningCodeQL queries, alert triage, PR gating
DependenciesDependabot alerts, updates, policy
SecretsLeak prevention, response workflow
Tip: Use the search box to filter sections on the current page.
© 2026 — Internal training content. Not for production use. Prepared February 28, 2026.


Hosted on Azure Static Web Apps