DevSecOps - Implementing Secure CI-CD Pipelines

Explore the implementation of secure CI/CD pipelines in this comprehensive DevSecOps tutorial. Learn about the fundamentals of DevOps and SDLC, understand the differences between basic CI/CD and DevSecOps pipelines, and gain hands-on experience setting up a cloud lab environment. Master the process of configuring Jenkins and Tomcat servers, creating build pipelines, and integrating continuous deployment. Dive into essential security practices such as checking Git secrets using Trufflehog, performing source composition analysis with OWASP Dependency Checker, implementing SAST through Sonarqube integration, and conducting DAST with ZAP Baseline Scan. Equip yourself with the knowledge and skills to build robust, secure CI/CD pipelines for modern software development.

DEVSECOPS#1 Introduction - Implementing Secure CI/CD Pipelines.
DEVSECOPS#2 Overview - CICD Pipeline.
DEVSECOPS#3 DevOps and SDLC.
DEVSECOPS#4 Basic CICD Pipeline and DevSecOps Pipeline.
DEVSECOPS#5 Setting up Cloud Lab Environment.
DEVSECOPS#6 Setting up Jenkins Server.
DEVSECOPS#7 Setting Up Tomcat Server.
DEVSECOPS#8 Creating Build Pipeline in Jenkins.
DEVSECOPS#9 Integrating Continuous Deployement in jenkins Pipeline.
DEVSECOPS#10 Checking Git Secrets in Pipeline using Trufflehog.
DEVSECOPS#11 Source Composition Analysis in Pipeline using OWASP Dependency Checker.
DEVSECOPS#12 SAST - Sonarqube integration in Jenkins Pipeline.
DEVSECOPS#13 DAST - ZAP Baseline Scan Integration in Jenkins Pipeline.