Congratulations, You Now Own App Security!
Modern software development is moving faster than ever, driven by rapid release cycles and AI-generated code. Yet security and code quality have struggled to keep pace. Vulnerabilities and maintainability issues discovered after release often sit in backlogs for months, increasing risk and technical debt. At the same time, security teams are heavily outnumbered by developers and AI-assisted code creation, making it difficult for centralized approaches to scale. The result is a growing gap between how quickly software is delivered and how well it is secured and maintained.
This session shows how to close that gap by shifting security and code quality left with GitHub Advanced Security.
You’ll see how CodeQL, secret scanning with push protection, Dependabot, and Code Quality work directly in the developer workflow to catch issues before code is merged. With AI-powered detection and real-time fixes, teams can move toward a “found means fixed” approach, reducing risk and improving code health without slowing delivery.
📅 Date: Thursday, May 7th
⏰ Time: 12:00pm – 2:00pm EST | 18:00-20:00 CET
What You Will Learn
- How GitHub Advanced Security integrates into the developer workflow
- How Code Scanning with CodeQL detects vulnerabilities early in development
- How Secret Scanning and Push Protection prevent credential leaks before code reaches production
- How Code Quality analysis identifies maintainability and reliability issues before they become bugs
- How teams can manage and prioritize findings using Security Overview
Key Takeaways
- Security is most effective when it becomes part of everyday development
- Developers can identify vulnerabilities and reliability issues earlier in the SDLC
- Secret protection helps prevent costly credential leaks
- Code Quality insights improve long-term maintainability and reduce future defects
- Centralized visibility helps organizations manage risk across repositories
Who This Session is For
- Software developers working in GitHub repositories
- DevOps and platform engineers responsible for CI/CD and developer workflows
- Security teams supporting DevSecOps initiatives
- Engineering leaders looking to improve application security practices
Meet the Speakers
 Randy Pagels
|
Randy is a Microsoft MVP and Principal Trainer at Xebia USA, with over 17 years at Microsoft. He delivers hands-on training on GitHub topics from Copilot and Advanced Security to Prompt Engineering and beyond. Known for his engaging style and practical focus, Randy helps teams confidently adopt AI-driven development practices through real-world scenarios, interactive workshops, and scalable learning formats. |
 Matt Olson |
Matt is a Senior App Modernization Consultant for Xebia Microsoft Services. By blending his understanding of cloud technology concepts, experience, and problem-solving sills, Matt focuses on helping organizations enhance their IT landscape by utilizing cloud technologies in an efficient, secure manner while not losing functionality or their ability to maintain their solutions. Currently, his main focus areas combine Application Security and Agentic AI tooling to help clients enhance their IT security posture in an AI-first manner using primarily GitHub Advanced Security and GitHub Copilot. Matt also has experience helping companies create a scalable, efficient and reliable IT solutions by making use of cloud services such as GitHub and Azure. |