DevSecOps: Building a Secure Continuous Delivery Pipeline
Offered By: LinkedIn Learning
Course Description
Overview
Explore best practices and tools that can help you implement security across the entirety of the continuous integration and continuous delivery (CI/CD) pipeline.
Syllabus
Introduction
- Securing your CI/CD pipeline
- What you should know
- Traditional InfoSec is in crisis
- Introducing DevSecOps
- The continuous delivery pipeline
- Goals for a DevSecOps toolchain approach
- Secure development practices
- Static code analysis
- Tool: Keeping secrets with git-secrets
- Tool: Rapid Risk Assessment
- What's in your app?
- OWASP Dependency Check in practice
- JavaScript security with Retire.js: Installation
- JavaScript security with Retire.js: Testing
- Options for software composition analysis
- Security testing in the build stage
- AppSec scanning with DAST tools
- Gauntlt in practice
- Security in the deploy phase
- Rundeck for deployments
- Tricks for making compliance happy
- Keeping security in operate
- Modern application security
- Signal Sciences in practice
- Cloud security monitoring
- Next steps
Taught by
James Wickett
Related Courses
Advanced Testing Practices Using AWS DevOps Tools (Simplified Chinese)Amazon Web Services via AWS Skill Builder Advanced Testing Practices Using AWS DevOps Tools (Traditional Chinese)
Amazon Web Services via AWS Skill Builder Advanced Testing Practices Using AWS DevOps Tools (Spanish)
Amazon Web Services via AWS Skill Builder Advanced Testing Practices Using AWS DevOps Tools (Indonesian)
Amazon Web Services via AWS Skill Builder Advanced Testing Practices Using AWS DevOps Tools (Korean)
Amazon Web Services via AWS Skill Builder