Prevent Secret Exposure With Secret Scanning (gh-500)
 

Prevent credential exposure with GitHub secret scanning, push protection, and validity checks. Essential for GH-500 Domain 2 and production security teams.
What you'll learn
Exposed credentials in your codebase create easily exploitable attack vectors - attackers scan GitHub constantly for leaked secrets. In this course, Prevent Secret Exposure with Secret Scanning (GH-500), you'll gain practical skills that serve two goals: passing the GH-500 certification exam and preventing credential exposure in production.
First, you'll explore the risks of exposed secrets through real-world breach scenarios and understand why secrets persist in Git history even after deletion. Next, you'll discover how to enable and configure secret scanning to detect 200+ partner secret patterns automatically. Then, you'll create custom patterns for your organization's proprietary credentials and integrate scanning into your development workflow.
Finally, you'll dive deep into push protection, the "shift-left" approach that blocks secrets before they're committed, and validity checks that help you prioritize remediation for still-active credentials. You'll also master alert visibility configuration to ensure the right people are notified.
When you're finished with this course, you'll have both the conceptual knowledge for GH-500 Domain 2 (15% of exam weight) and the hands-on skills to dramatically reduce your organization's credential exposure risk.