Certification

GitHub Advanced Security

This exam is designed for experienced professionals in the field of software development and security. This certification is designed for individuals who have a deep understanding of GitHub and its security features, as well as hands-on experience in securing software development workflows.

At a glance

Level

Intermediate
Product

GitHub
Role

Administrator Developer DevOps Engineer Solution Architect Student
Subject

DevOps

Overview

Highlight your code security knowledge with the GitHub Advanced Security certification. Validate your expertise in vulnerability identification, workflow security, and robust security implementation—elevating software integrity standards. Once achieved, the certification will be valid for two years.

Important

This exam is provided by Microsoft, but the exam and associated certification are maintained by GitHub. Learn more about GitHub’s privacy policy.

Skills earned upon completion

Prepare for the exam

Hide completed

Practice for the exam

Practice Assessment

Assess your knowledge

Practice assessments provide you with an overview of the style, wording, and difficulty of the questions you're likely to experience on the exam. Through these assessments, you're able to assess your readiness, determine where additional preparation is needed, and fill knowledge gaps bringing you one step closer to the likelihood of passing your exam.

Take the practice assessment

Exam Sandbox

Experience demo

Experience the look and feel of the exam before taking it. You'll be able to interact with different question types in the same user interface you'll use during the exam.

Launch the sandbox

Take the exam

You will have 100 minutes to complete this assessment.

Exam policy

This exam will be proctored. You may have interactive components to complete as part of this exam. To learn more about exam duration and experience, visit: Exam duration and exam experience.

If you fail a certification exam, don’t worry. You can retake it 24 hours after the first attempt. For subsequent retakes, the amount of time varies. For full details, visit: Exam retake policy.

Assessed on this exam

Domain 1: Describe the GHAS security features and functionality 10%
Domain 2: Configure and use secret scanning 10%
Domain 3: Configure and use dependency management 15%
Domain 4: Configure and use code scanning 15%
Domain 5: Use code scanning with CodeQL 20%
Domain 6: Describe GitHub Advanced Security best practices 20%
Domain 7: Configure GitHub Advanced Security tools in GitHub Enterprise 10%

Need accommodations?

We offer a variety of accommodations to support you.

Learn More

This exam is offered in the following languages:

English, Spanish, Portuguese (Brazil), Korean, Japanese

Schedule through Pearson Vue

Schedule exam

We strongly recommend that you register for an exam with a personal MSA account. If you register with an organizational (work/school) AAD account, your exam records will be lost if you leave your organization and they will be unrecoverable.

Price based on the country or region in which the exam is proctored.

Certification resources

Exam GH-500 study guide

Focus your studies as you prepare for the exam. Review the study guide to learn about the topics the exam covers, updates, and additional resources.

Certification poster

Check out an overview of fundamentals, role-based, and specialty certifications.

Exam Replay

Boost your odds of success with this great offer.

Support for credentials

Get help through Microsoft Credentials support forums. A forum moderator will respond in one business day, Monday–Friday.

Choose your Microsoft Credential

Microsoft Applied Skills or Microsoft Certifications? Choose the path that fits your career goals, desired skillset, and schedule.