DevSecOps: Building a Secure Continuous Delivery Pipeline
Offered By: LinkedIn Learning
Course Description
Overview
Explore best practices and tools that can help you implement security across the entirety of the continuous integration and continuous delivery (CI/CD) pipeline.
Syllabus
Introduction
- Securing your CI/CD pipeline
- What you should know
- Traditional InfoSec is in crisis
- Introducing DevSecOps
- The continuous delivery pipeline
- Goals for a DevSecOps toolchain approach
- Secure development practices
- Static code analysis
- Tool: Keeping secrets with git-secrets
- Tool: Rapid Risk Assessment
- What's in your app?
- OWASP Dependency Check in practice
- JavaScript security with Retire.js: Installation
- JavaScript security with Retire.js: Testing
- Options for software composition analysis
- Security testing in the build stage
- AppSec scanning with DAST tools
- Gauntlt in practice
- Security in the deploy phase
- Rundeck for deployments
- Tricks for making compliance happy
- Keeping security in operate
- Modern application security
- Signal Sciences in practice
- Cloud security monitoring
- Next steps
Taught by
James Wickett
Related Courses
Designing and Executing Information Security StrategiesUniversity of Washington via Coursera Caries Management by Risk Assessment (CAMBRA)
University of California, San Francisco via Coursera Diagnosing the Financial Health of a Business
Macquarie Graduate School of Management via Open2Study Enfermedades transfronterizas de los animales
MirÃadax Unethical Decision Making in Organizations
University of Lausanne via Coursera