DevSecOps Tutorial - Building a Pipeline with GitHub Actions and Docker Scout
Offered By: TechWorld with Nana via YouTube
Course Description
Overview
Learn the fundamentals of DevSecOps in this comprehensive tutorial. Explore why DevSecOps emerged, its core concepts, and practical implementation. Discover essential tools and techniques including SAST, SCA, DAST, secret scanning, and container image scanning. Follow along with a hands-on demo to build a DevSecOps pipeline using GitHub Actions, configuring SAST scans with Bandit and container image scanning with Docker Scout. Analyze scan reports, generate comprehensive assessments, and gain insights into next steps for advancing your DevSecOps knowledge, including cloud and Kubernetes security.
Syllabus
- Intro and Course Overview
- Importance of Security
- Before DevSecOps: Security as Afterthought
- What is DevSecOps
- How DevSecOps works in Practice: DevSecOps Tools
- Shifting Security Left
- DevSecOps DEMO
- Demo Overview
- Workflow Templates
- Configure SAST Scan
- Analyze scan results
- Ignore Low Severity Issues
- Generate Scan Report
- Configure Image Scanning with Docker Scout
- Analyze scan results
- Reuse existing GitHub Action for Docker Scout
- Where to go from here
- Next Steps - Cloud and Kubernetes Security
Taught by
TechWorld with Nana
Related Courses
- Speed and Scale - How to Get There (GOTO Conferences via YouTube)
- The Implementation and Practice of DevSecOps (NDC Conferences via YouTube)
- The Practice and Implementation of DevSecOps (Linux Foundation via YouTube)
- Automated Finding Correlation: SAST, DAST, and IAST Overlap in Application Security (OWASP Foundation via YouTube)
- Selecting Application Security Testing Tools: SAST, DAST, IAST, RASP, and AST (OWASP Foundation via YouTube)