
Implement DevSecOps3 page with advanced GHAS features and security demonstrations #86


Draft
wants to merge 4 commits into
base: main
223 changes: 223 additions & 0 deletions src/webapp01/Pages/DevSecOps3.cshtml
@@ -0,0 +1,223 @@
@page
@model DevSecOps3Model
@{
ViewData["Title"] = "DevSecOps3 - Advanced GitHub Security Demo";
}

<div class="container">
<div class="row">
<div class="col-12">
<h1 class="display-4 text-primary">@ViewData["Title"]</h1>
<p class="lead">Explore the cutting-edge features and capabilities of GitHub Advanced Security (GHAS)</p>
<hr />
</div>
</div>

<!-- Alert for TempData messages -->
@if (TempData["SecurityDemoResult"] != null)
{
<div class="alert alert-info alert-dismissible fade show" role="alert">
@TempData["SecurityDemoResult"]
<button type="button" class="btn-close" data-bs-dismiss="alert" aria-label="Close"></button>
</div>
}

@if (TempData["SecurityDemoError"] != null)
{
<div class="alert alert-danger alert-dismissible fade show" role="alert">
@TempData["SecurityDemoError"]
<button type="button" class="btn-close" data-bs-dismiss="alert" aria-label="Close"></button>
</div>
}

<div class="row">
<!-- Latest GHAS News Section -->
<div class="col-lg-8">
<div class="card mb-4">
<div class="card-header bg-gradient" style="background: linear-gradient(135deg, #0366d6, #6f42c1);">
<h3 class="card-title mb-0 text-white">
<i class="bi bi-shield-check"></i> Latest GitHub Advanced Security Updates 2024
</h3>
</div>
<div class="card-body">
@if (Model.LatestGHASNews.Any())
{
<div class="list-group list-group-flush">
@foreach (var newsItem in Model.LatestGHASNews)
{
<div class="list-group-item d-flex align-items-start">
<span class="badge bg-gradient text-white me-3 mt-1" style="background: linear-gradient(45deg, #28a745, #20c997);">LATEST</span>
<div>
<p class="mb-1">@newsItem</p>
<small class="text-muted">Updated with latest GHAS capabilities</small>
</div>
</div>
}
</div>
}
else
{
<p class="text-muted">No news available at this time.</p>
}
</div>
</div>

<!-- Enhanced GHAS Features Overview -->
<div class="card mb-4">
<div class="card-header bg-dark text-white">
<h3 class="card-title mb-0">Enhanced GHAS Features Portfolio</h3>
</div>
<div class="card-body">
<div class="row">
<div class="col-md-6">
<h5><i class="bi bi-cpu"></i> AI-Powered Code Scanning</h5>
<p>Next-generation CodeQL with machine learning enhanced vulnerability detection and fix suggestions.</p>

<h5><i class="bi bi-shield-lock"></i> Advanced Secret Scanning</h5>
<p>Comprehensive secret detection with custom patterns and push protection across all repositories.</p>

<h5><i class="bi bi-graph-up-arrow"></i> Dependency Insights</h5>
<p>Deep dependency analysis with supply chain attack detection and automated security updates.</p>
</div>
<div class="col-md-6">
<h5><i class="bi bi-cloud-security"></i> Security Policies</h5>
<p>Organization-wide security policy enforcement with compliance tracking and reporting.</p>

<h5><i class="bi bi-speedometer2"></i> Real-time Monitoring</h5>
<p>Continuous security monitoring with instant alerts and automated incident response.</p>

<h5><i class="bi bi-people"></i> Team Collaboration</h5>
<p>Enhanced security workflows with developer-friendly remediation guidance and training.</p>
</div>
</div>
</div>
</div>
</div>

<!-- Advanced Security Demo Sidebar -->
<div class="col-lg-4">
<!-- Enhanced Security Demo Section -->
<div class="card mb-4">
<div class="card-header bg-warning text-dark">
<h4 class="card-title mb-0">
<i class="bi bi-exclamation-triangle-fill"></i> Advanced Security Demo
</h4>
</div>
<div class="card-body">
<p class="text-muted small">
This demonstration includes intentionally vulnerable code patterns for GHAS testing.
These vulnerabilities showcase advanced scanning capabilities.
</p>

<!-- Enhanced Regex Testing Form -->
<form method="post" asp-page-handler="TestAdvancedRegex" class="mt-3">
<div class="mb-3">
<label for="regexPattern" class="form-label">Advanced Regex Pattern:</label>
<input type="text" class="form-control" id="regexPattern" name="pattern"
placeholder="Enter complex regex pattern" value="(a+)+b">
<div class="form-text">Test patterns that may cause ReDoS vulnerabilities</div>
</div>
<div class="mb-3">
<label for="testInput" class="form-label">Test Input:</label>
<input type="text" class="form-control" id="testInput" name="input"
placeholder="Enter test string" value="aaaaaaaaaaaaaaaaaaaaX">
</div>
<button type="submit" class="btn btn-warning btn-sm">
<i class="bi bi-play-circle"></i> Execute Advanced Test
</button>
</form>

<!-- SQL Injection Demo -->
<form method="post" asp-page-handler="TestSqlDemo" class="mt-4">
<div class="mb-3">
<label for="userId" class="form-label">User ID Lookup:</label>
<input type="text" class="form-control" id="userId" name="userId"
placeholder="Enter user ID" value="1">
<div class="form-text">Demonstrates SQL injection vulnerabilities</div>
</div>
<button type="submit" class="btn btn-danger btn-sm">
<i class="bi bi-database"></i> Test SQL Query
</button>
</form>
</div>
</div>

<!-- GHAS Resources -->
<div class="card">
<div class="card-header bg-info text-white">
<h4 class="card-title mb-0">
<i class="bi bi-book"></i> GHAS Resources
</h4>
</div>
<div class="card-body">
<div class="d-grid gap-2">
<a href="https://docs.github.com/en/code-security/getting-started/github-security-features"
class="btn btn-outline-primary btn-sm" target="_blank">
<i class="bi bi-shield-check"></i> Security Features Guide
</a>
<a href="https://github.com/github/codeql"
class="btn btn-outline-secondary btn-sm" target="_blank">
<i class="bi bi-github"></i> CodeQL Repository
</a>
<a href="https://docs.github.com/en/code-security/code-scanning"
class="btn btn-outline-success btn-sm" target="_blank">
<i class="bi bi-search"></i> Code Scanning Docs
</a>
<a href="https://docs.github.com/en/code-security/secret-scanning"
class="btn btn-outline-warning btn-sm" target="_blank">
<i class="bi bi-key"></i> Secret Scanning Guide
</a>
<a href="https://docs.github.com/en/code-security/dependabot"
class="btn btn-outline-info btn-sm" target="_blank">
<i class="bi bi-robot"></i> Dependabot Security
</a>
</div>
</div>
</div>
</div>
</div>

<!-- Advanced Features Section -->
<div class="row mt-5">
<div class="col-12">
<div class="card">
<div class="card-header bg-gradient text-white" style="background: linear-gradient(135deg, #6f42c1, #e83e8c);">
<h3 class="card-title mb-0">
<i class="bi bi-rocket"></i> Advanced GHAS Capabilities & Future Roadmap
</h3>
</div>
<div class="card-body">
<div class="row">
<div class="col-md-4">
<h5 class="text-primary">AI-Enhanced Security</h5>
<ul class="list-unstyled">
<li><i class="bi bi-check-circle text-success"></i> Machine learning vulnerability detection</li>
<li><i class="bi bi-check-circle text-success"></i> Automated fix suggestions</li>
<li><i class="bi bi-check-circle text-success"></i> Smart false positive reduction</li>
<li><i class="bi bi-check-circle text-success"></i> Contextual security insights</li>
</ul>
</div>
<div class="col-md-4">
<h5 class="text-success">Supply Chain Security</h5>
<ul class="list-unstyled">
<li><i class="bi bi-check-circle text-success"></i> Comprehensive dependency scanning</li>
<li><i class="bi bi-check-circle text-success"></i> Software bill of materials (SBOM)</li>
<li><i class="bi bi-check-circle text-success"></i> Provenance tracking</li>
<li><i class="bi bi-check-circle text-success"></i> Malicious package detection</li>
</ul>
</div>
<div class="col-md-4">
<h5 class="text-warning">Enterprise Integration</h5>
<ul class="list-unstyled">
<li><i class="bi bi-check-circle text-success"></i> SIEM/SOAR integration</li>
<li><i class="bi bi-check-circle text-success"></i> Compliance reporting</li>
<li><i class="bi bi-check-circle text-success"></i> Custom security policies</li>
<li><i class="bi bi-check-circle text-success"></i> Advanced metrics & dashboards</li>
</ul>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
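
Review bot: The two forms in the "Advanced Security Demo" card (`asp-page-handler="TestAdvancedRegex"` and `asp-page-handler="TestSqlDemo"`) are rendered unconditionally, and the regex form ships pre-filled with `(a+)+b` against `aaaaaaaaaaaaaaaaaaaaX`, so any visitor to a deployed instance can invoke the intentionally vulnerable handlers with a single click. Since the card text itself says these are intentionally vulnerable patterns for GHAS testing, consider rendering this card only in the Development environment (for example by wrapping it in the `<environment include="Development">` tag helper), or state in the PR description that the app must never be exposed publicly. The handlers are not part of this file, so it is not possible to tell from this diff whether the regex call sets a match timeout or how `userId` reaches the query; please link the page model in the review. Smaller points: the five `target="_blank"` links under "GHAS Resources" carry no `rel="noopener noreferrer"`, and the bare `&` in "Capabilities & Future Roadmap" and "Advanced metrics & dashboards" should be written as `&amp;`.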