Fundamentals of DevSecOps : HandsOn Included

  • Post category:StudyBullet-15
  • Reading time:7 mins read


Basics of DevSecOps

What you will learn

Foundations Of Cloud

How to build & secure applications on cloud securely

Secure the cloud

How to Secure the Cloud

Description

The Fundamentals of DevSecOps is designed to provide participants with a comprehensive understanding of the principles, practices, and tools involved in integrating security into the software development and operations lifecycle. This course aims to bridge the gap between development, operations, and security teams, enabling organizations to build and deploy secure software products efficiently.

Throughout the course, participants will explore the fundamental concepts of DevSecOps and gain insights into its importance in modern software development. They will learn how to implement security measures at each stage of the software development lifecycle, ensuring that security is considered from the initial design to deployment and beyond.

Target Audience: This course is suitable for software developers, system administrators, operations engineers, security professionals, and anyone involved in the software development and deployment lifecycle. It is beneficial for individuals and organizations aiming to integrate security practices into their DevOps processes and enhance the overall security posture of their software products.


Get Instant Notification of New Courses on our Telegram channel.


Prerequisites: While there are no strict prerequisites for this course, a basic understanding of software development, DevOps principles, and general security concepts would be beneficial.

Learning: By the end of the DevSecOps Foundations course, participants will have gained the knowledge and skills necessary to effectively integrate security practices into their software development and operations processes. They will be equipped with the tools and techniques needed to build secure, resilient, and compliant software systems in today’s dynamic and evolving threat landscape.

English
language

Content

Introduction

Introduction
About Instructor
What is DevSecOps ?
Linux OS

Organization & Projects

Introduction
OWASP
OWASP ZAP
OWASP Top 10
OWASP cheatsheet
CIS benchmarks
CIS controls
CVEs
CVSS
CISA
CWE
QUIZ

Linux Fundamentals

Linux Fundamentals
File Ownership & Permissions
CHMOD explanation , practical and demo
CHOWN explanation , practical and demo
PASSWD file explained
SHADOW file explained
GROUP file explained
SUDO explained
SUDO hands on and DEMO
Privilege escalation
apt-get & apt
Automatic updates
SSH
SSH generate public private key pair and its usage
SSH Advanced
sshd_config explained
commonly used commands
CIS hardened image
QUIZ : Knowledge Check

Docker

Docker ? What is Docker? Why docker ?
Docker Registries
Dockerfile
Basic docker commands
Docker recommendation : Do’s and Dont’s
Hands on Docker Basics And Security
QUIZ

Terraform

Terraform Introduction
Terraform recommendations
terraform Demo Pre-requisites
Terraform Demo
QUIZ

Jenkins

Jenkins Intro
Jenkins Architecture
Jenkins recommendations
Jenkins Demo : Installation using docker-compose.yml
Jenkins Demo: Agent Setup
Jenkins Demo : Agent Setup , setting up docker as jenkins agent
Jenkins first job : freestyle
QUIZ

Testing, Tooling and Principles

Introduction
SAST
“Discover Code Vulnerabilities with Fortify SAST”: Demo
DAST
DAST hands-on-demo
SCA
SCA hands-on-demo docker CLI
SCA hands-on-demo UI
penetration testing
vulnerability assessment
key security principles
QUIZ

Pipelines

YML explained
github pipeline using yaml: hands-on-demo
YAML Simple Blueprint of DevSecOps Pipeline
YAML Finally DevSecOps Pipeline
Final DevSecOps Success Pipeline
QUIZ

Course Summary

Summary of the Course
Enroll for Free

💠 Follow this Video to Get Free Courses on Every Needed Topics! 💠

Tags: ,