Securing Your DevOps Pipelines: DevSecOps Best Practices

Securing Your DevOps Pipelines: DevSecOps Best Practices

English | MP4 | AVC 1280×720 | AAC 44KHz 2ch | 33 Lessons (4h 3m) | 643 MB

Security is the top concern of businesses today. Milecia McGregor shows developers how to mitigate security risks by implementing DevSecOps best practices.

Every organization with a DevOps framework should be looking to shift toward a DevSecOps mindset, bringing individuals of all abilities and across all technology disciplines to a higher level of proficiency in security. From testing for potential security exploits to building business-driven security services, a DevSecOps framework that uses DevSecOps tools ensures security is built into applications rather than being bolted on haphazardly afterwards.

In Securing Your DevOps Pipelines: DevSecOps Best Practices LiveLessons, Milecia covers how DevSecOps improves upon regular DevOps pipelines. She covers the tools and methodologies you can use to bring DevSecOps to your organization. By the end of the course, you will know how to build a DevSecOps pipeline and how to integrate different tools to handle the OWASP Top Ten, as well as compliance checks to stay up to date with regulations like HIPAA, PCI, and GDPR.

What You Will Learn

Developers and engineers will learn to

  • Build a DevSecOps pipeline in CircleCI with several industry standard tools
  • Deploy a TypeScript full-stack app and see how DevSecOps reports security risks
  • Learn how to get your organization onboard with a security and DevOps mindset
  • Perform simple automated security audits to further check for vulnerabilities

Who Should Take This Course

DevOps professionals and site reliability engineers, software developers, technical project managers, security engineers

Course Requirements

Some experience with DevOps pipelines, some knowledge of the OWASP Top Ten and web application authentication, authorization, and other security principles

Table of Contents

1 Securing Your DevOps Pipelines Introduction

Lesson 1 Background on DevOps
2 Learning objectives
3 Understand where DevOps came from
4 Learn how DevOps works
5 DevOps versus Waterfall

Lesson 2 Security in DevOps or DevSecOps
6 Learning objectives
7 Show where security comes in
8 Learn how issues get to production
9 Learn the OWASP 10 top security risks
10 Understand how attackers gain unauthorized access to apps
11 Learn the basics of DevSecOps
12 Use DevSecOps to mitigate risks

Lesson 3 DevSecOps Tools
13 Learning objectives
14 Learn about SAST
15 Use SAST tools
16 Learn about DAST
17 Use DAST tools
18 Learn about IAST
19 Use IAST tools
20 Learn about OAST
21 Use OAST tools

Lesson 4 Setting up a DevSecOps Pipeline
22 Learning objectives
23 Set up the project
24 Set up CircleCI
25 Write the CircleCI config
26 Break down the pipeline steps
27 Add security to each step

Lesson 5 Final Security Checks
28 Learning objectives
29 Learn how pen-testing works
30 Use Kali Linux tools
31 Use bug bounties
32 Perform compliance audits

33 Securing Your DevOps Pipelines Summary