Applications are under attack and developers become the first line of defense by protecting the code and ensuring that we are applying security best practices.

There are several methods to attack your code, from directly inserting malicious code into your repo, to taking over an account or compromising a signing key to distribute software that isn’t officially part of a component, and many other ways.

It's simple to talk about shifting left on security, but how exactly are you supposed to do that? What tools should you be using and how do you apply them in a way that helps you release with confidence? We will cover the concept of application security, talk about tools available to you and ways that you can help ensure that tools don't get in the way of development.

Key Takeaways:
• Highlight challenges of finding and fixing vulnerabilities in software using GitHub Advanced Security.
• GHAS & GHAzDO Features
• Understand what is meant by shifting left on security.
• Disrupt the landscape of application security through unique position of being Developer First.
• Unify the DevSecOps experience by integrating a wide variety of application security.