AB#1055085: GitHub administration for GitHub Advanced Security

Author: gitName

learn-pr/github/github-administration-github-advanced-security/1-introduction.yml

@@ -5,7 +5,7 @@ metadata:
   unitType: introduction
   title: Introduction
   description: An introduction to the advanced security subjects you learn about in this module.
-  ms.date: 05/02/2024
+  ms.date: 06/10/2025
   author: rmcmurray
   ms.author: robmcm
   ms.topic: unit

learn-pr/github/github-administration-github-advanced-security/2-what-is-github-advanced-security.yml

@@ -5,7 +5,7 @@ metadata:
   unitType: learning-content
   title: What is GitHub Advanced Security?
   description: Overview of the GitHub Advanced Security features and where they fit in the software development lifecycle.
-  ms.date: 05/02/2024
+  ms.date: 06/10/2025
   author: rmcmurray
   ms.author: robmcm
   ms.topic: unit

learn-pr/github/github-administration-github-advanced-security/3-enable-github-advanced-security.yml

@@ -5,7 +5,7 @@ metadata:
   unitType: learning-content
   title: Enable GitHub Advanced Security
   description: Overview of how to enable GitHub Advanced Security on Enterprise Cloud and Enterprise Server
-  ms.date: 05/02/2024
+  ms.date: 06/10/2025
   author: rmcmurray
   ms.author: robmcm
   ms.topic: unit

learn-pr/github/github-administration-github-advanced-security/4-manage-access-github-advanced-security.yml

@@ -5,7 +5,7 @@ metadata:
   unitType: learning-content
   title: Manage access to GitHub Advanced Security
   description: Overview of how to set up access for different security alerts and how to set up security policies at the organization and repository level 
-  ms.date: 05/02/2024
+  ms.date: 06/10/2025
   author: rmcmurray
   ms.author: robmcm
   ms.topic: unit

learn-pr/github/github-administration-github-advanced-security/5-manage-github-advanced-security-features-alerts.yml

@@ -5,7 +5,7 @@ metadata:
   unitType: learning-content
   title: Manage the GitHub Advanced Security features and alerts
   description: Overview of how to manage security alerts with the Security Overview and how to manage the GitHub Advanced Security features with the Advanced Security endpoints.
-  ms.date: 05/02/2024
+  ms.date: 06/10/2025
   author: rmcmurray
   ms.author: robmcm
   ms.topic: unit

learn-pr/github/github-administration-github-advanced-security/6-knowledge-check.yml

@@ -5,7 +5,7 @@ metadata:
   unitType: knowledge-check
   title: Module assessment
   description: Knowledge check for the GitHub administration for GitHub Advanced Security module
-  ms.date: 05/02/2024
+  ms.date: 06/10/2025
   author: rmcmurray
   ms.author: robmcm
   ms.topic: unit

learn-pr/github/github-administration-github-advanced-security/7-summary.yml

@@ -5,7 +5,7 @@ metadata:
   unitType: summary
   title: Summary
   description: A recap on what you learned about administering GitHub Advanced Security in this module.
-  ms.date: 05/02/2024
+  ms.date: 06/10/2025
   author: rmcmurray
   ms.author: robmcm
   ms.topic: unit

learn-pr/github/github-administration-github-advanced-security/includes/1-introduction.md

@@ -2,9 +2,9 @@ GitHub recognizes that in our world today, software security is more critical th
 
 Imagine you're a security engineer responsible for managing application security in a large organization that has thousands of repositories. With such a large software ecosystem, application security is a priority in your company, which recently decided to purchase GitHub Advanced Security licenses as part of an organization-wide strategy to shift security left. GitHub Advanced Security lets your company reduce its technical debt and catch vulnerabilities early in its software development lifecycle.
 
-You're asked to come up with an adoption and scaling plan to gradually implement GitHub Advanced Security across all development teams. First, you need to get acquainted with the different GitHub Advanced Security features. Then, you need to understand where these features fit in your software development lifecycle and how to use them.
+You've been asked to come up with an adoption and scaling plan to gradually implement GitHub Advanced Security across all development teams. First, you need to get acquainted with the different GitHub Advanced Security features. Then, you need to understand where these features fit in your software development lifecycle and how to use them.
 
-In this module, you learn:
+In this module, you'll learn:
 
 - About the different GitHub Advanced Security features and their availability.
 - How to enable GitHub Advanced Security according to your enterprise plan.

learn-pr/github/github-administration-github-advanced-security/includes/2-what-is-github-advanced-security.md

@@ -1,6 +1,6 @@
 GitHub has many features that help you improve and maintain the quality of your code. Some of these features are included in all plans, such as dependency graph and Dependabot alerts. Others only run in a limited functionality mode on public repositories. There are also others that require a GitHub Advanced Security license to run on private repositories.
 
-In this unit, you learn more about GitHub Advanced Security, and discover what a project with GitHub Advanced Security looks like.
+In this unit, you learn more about GitHub Advanced Security and discover what a project with GitHub Advanced Security looks like.
 
 ## The GitHub Advanced Security features
 
@@ -26,13 +26,13 @@ A GitHub Advanced Security license provides these features for private and inter
 
 So what difference do the GitHub Advanced Security features make in your software-development lifecycle? Let's have a look at a basic security scenario first.
 
-:::image type="content" source="../media/basic-scenario.png" alt-text="Image representing the different stages of the software development lifecycle in a traditional security approach.":::
+:::image type="content" source="../media/basic-scenario.png" alt-text="Diagram representing the different stages of the software development lifecycle in a traditional security approach.":::
 
-This example illustrates a traditional *security as a gate* approach in which a single security test or a series of security tests take place during the quality-assurance phase. In this scenario, security usually ends up being a bottleneck to shipping the software. This situation is what your company wants to fix by shifting security left.
+This example illustrates a traditional *security as a gate* approach, in which a single security test or a series of security tests take place during the quality-assurance phase. In this scenario, security usually ends up being a bottleneck to shipping the software. This situation is what your company wants to fix by shifting security left.
 
-Now let's look at the same software development lifecycle with GitHub Advanced Security.
+Now, let's look at the same software development lifecycle with GitHub Advanced Security.
 
-:::image type="content" source="../media/github-advanced-security-scenario.png" alt-text="Image representing the different stages of the software development lifecycle with GitHub Advanced Security.":::
+:::image type="content" source="../media/github-advanced-security-scenario.png" alt-text="Diagram representing the different stages of the software development lifecycle with GitHub Advanced Security.":::
 
 In this scenario, security is set up right from the beginning through security policies at the project configuration stage. Developers are alerted of potential security issues at every step of the development process:
 
@@ -42,4 +42,4 @@ In this scenario, security is set up right from the beginning through security p
 
 In addition, the **Security Overview** offers administrators a high-level view of the project's security status. This view lets administrators identify problematic repositories that require intervention.
 
-The security of your code is reviewed multiple times before you get to the quality assurance stage, so there's less chance for a bottleneck right before shipping, and less technical debt.
+The security of your code is reviewed multiple times before you get to the quality assurance stage, so there's less chance for a bottleneck right before shipping, and less technical debt.

learn-pr/github/github-administration-github-advanced-security/includes/4-manage-access-github-advanced-security.md

@@ -18,9 +18,9 @@ Additionally, repository administrators and organization owners can give secret
 
 With the right set of roles and permissions, the developers involved in your security workflow can take the following actions:
 
-- For code scanning alerts: commit corrections to the code, dismiss alerts that don't require any action, or delete alerts to clean up code scanning results.
-- For secret scanning alerts: delete detected secrets, create new tokens, and update code that uses the detected secrets, or dismiss alerts that don't require any action.
-- For Dependabot alerts: update vulnerable dependencies or dismiss alerts that don't require any action.
+- **For code scanning alerts**: commit corrections to the code, dismiss alerts that don't require any action, or delete alerts to clean up code scanning results.
+- **For secret scanning alerts**: delete detected secrets, create new tokens, and update code that uses the detected secrets, or dismiss alerts that don't require any action.
+- **For Dependabot alerts**: update vulnerable dependencies or dismiss alerts that don't require any action.
 
 ## Set a security policy at the organization level
 
@@ -35,7 +35,7 @@ Follow these steps to set up a security policy at the organization level:
 
     :::image type="content" source="../media/security-policy-org.png" alt-text="Screenshot of security policy drop-down.":::
 
-1. Optionally, if you chose **Allow for selected organizations** to the right of an organization, select the drop-down menu to allow or disallow Advanced Security for the organization. Disallowing Advanced Security for an organization prevents repository administrators from enabling Advanced Security features for other repositories. But, it doesn't disable the features for repositories where the features are already enabled.
+1. Optionally, if you chose **Allow for selected organizations** to the right of an organization, select the drop-down menu to allow or disallow Advanced Security for the organization. Disallowing Advanced Security for an organization prevents repository administrators from enabling Advanced Security features for other repositories, but it doesn't disable the features for repositories where the features are already enabled.
 
     :::image type="content" source="../media/security-policy-org-2.png" alt-text="Screenshot of individual organization security policy drop-down.":::
 
@@ -53,4 +53,4 @@ Follow these steps to set up a security policy at the repository level:
 1. In your repository, navigate to **Security > Security policy**.
 1. Select **Start setup**.
 1. In the new `SECURITY.md` file, add information about supported versions of your project and how to report a vulnerability.
-1. Commit the change to the repository.
+1. Commit the change to the repository.