Maintain a secure repository by using GitHub best practices

DevOps Engineer
Solution Architect

Learn best practices for building, hosting, and maintaining a secure repository on GitHub.

Learning objectives

In this module, you will:

  • Identify the tools and GitHub features to establish a secure development strategy
  • Enable vulnerable dependency detection for private repositories
  • Detect and fix outdated dependencies with security vulnerabilities
  • Automate the detection of vulnerable dependencies with Dependabot
  • Add a security policy with a file
  • Remove a commit exposing sensitive data in a pull request
  • Keep sensitive files out of your repository by applying the use of a .gitignore file
  • Remove historical commits exposing sensitive data deep in your repository


  • A GitHub account
  • The ability to navigate and edit files in GitHub