chore: Revise wording on step 1

Author: chriswblake

.github/steps/1-enable-codeql.md

@@ -1,39 +1,48 @@
 ## Step 1: Enable CodeQL
 
-In this first step, we'll be learning more about CodeQL and how to use it to secure your source code.
+In this first step, we'll be learning more about [CodeQL](https://codeql.github.com/) and how to use it to secure your source code.
 
-### What is GitHub code scanning?
+### What is GitHub Code Scanning?
 
-[Code scanning](https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/about-code-scanning) is a capability that allows development teams to integrate security testing tools into the software development process. This is done using GitHub Actions. With code scanning, you can integrate many different types of tools including SAST, container, and infrastructure as code security tools.
+[Code scanning](https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/about-code-scanning) is part of the [GitHub Advanced Security (GHAS)](https://docs.github.com/en/get-started/learning-about-github/about-github-advanced-security) product suite. It allows development teams to integrate security testing tools directly into the same process you already use for shipping code. It supports many types such as SAST, container, and infrastructure as code. And the best part is that the results can also live directly in GitHub next to your code. No need for context switching! 🎉
+
+> [!TIP]
+> All of the features of GitHub Advanced Security are 100% free for public repositories.
 
 ### What is CodeQL?
 
 [CodeQL](https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/about-code-scanning-with-codeql) is a static analysis testing tool that helps you identify security weaknesses such as SQL injection, cross-site scripting, and code injection issues.
 
-### ⌨️ Activity: Enable code scanning with CodeQL
+<img width="200" align="right" alt="codeql default configuration box" src="https://github.com/user-attachments/assets/cf5ba96b-98bb-4db5-b743-bd31bceaabac"/>
 
-First, we will enable code scanning with CodeQL in our repository.
+Typically CodeQL patterns are collected into [query suites](https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/about-code-scanning-with-codeql#about-codeql-queries) of patterns. When combined well, this can be a very powerful! To help with this, teams of security experts have pre-populated suites for many common scenarios and programming languages.
 
-1. Open a new browser tab, and work on the steps in your second tab while you read the instructions in this tab.
+In many cases, taking advantage of CodeQL is as simple as accepting the default suite, but you can also select the extended suite or customize your own with [GitHub Actions]().
 
-1. Navigate to the **Settings** tab at the top of your newly created repository.
+Here are some options the default configuration provides:
 
-1. Under the **Security** section on the left side, select **Code security and analysis**.
+- **Languages:** The languages automatically detected in your repository that CodeQL will scan.
 
-1. Scroll down to the section titled **Code scanning**. For the purpose of this exercise, we will focus on CodeQL analysis.
+- **Query suites:** A list of the available suites of patterns that will be used. The **Default** or **Extended** are provided automatically.
 
-1. Click on the **Set up** dropdown menu and choose **Default**.
+- **Events:** Triggers for running a CodeQL scan. It's common to run before merging and on a schedule for production code.
 
-   <img width="400" alt="enable code scanning" src="https://github.com/user-attachments/assets/0d639af3-a8fb-4ea7-8b94-44621a34fc3c"/>
+### ⌨️ Activity: Enable code scanning with CodeQL
+
+1. Open a second tab and navigate to this repository. Ensure you are on the **Code** tab.
 
-   Let's take a look at the configuration options in the modal:
+1. In the top navigation, select the the **Settings** tab.
 
-   - **Languages to analyze:** These are the languages that will be scanned by CodeQL. In this case, we will be scanning in `Python`.
-   - **Query suites:** CodeQL [queries](https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/about-code-scanning-with-codeql#about-codeql-queries) are packaged in bundles called "suites". This section allows you to choose which query suite to use. We'll leave this set as **Default** for this exercise. For more information, see "[About CodeQL queries](https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/about-code-scanning-with-codeql#about-codeql-queries)."
-   - **Events:** This section tells CodeQL when to scan. In this case, it's set to scan on any pull request to the `main` branch.
+1. In the left navigation, fine the **Security** section and select **Advanced Security**.
+
+1. Scroll down and find the **Code scanning**.
+
+1. In the **CodeQL** setting, click the **Set up** dropdown menu and choose **Default**.
+
+   <img width="400" alt="enable code scanning" src="https://github.com/user-attachments/assets/0d639af3-a8fb-4ea7-8b94-44621a34fc3c"/>
 
-   <img width="400" alt="codeql default configuration box" src="https://github.com/user-attachments/assets/cf5ba96b-98bb-4db5-b743-bd31bceaabac"/>
+1. Click **Enable CodeQL**.
 
-1. Click **Enable CodeQL**
+   > This will trigger a first run of CodeQL. You can view the progress in the **Actions** tab.
 
 1. With CodeQL now enabled, Mona will check your progress and share the next steps.