DevOps is the collaboration of IT operations and software development in the service lifecycle. DevSecOps is the implementation of security practices within the DevOps process. DevSecOps is a practice used for securing and evolving consistently-changing systems at scale.
This instructor-led, live training (online or onsite) is aimed at DevOps who wish to secure the DevOps process with DevSecOps programs.
By the end of this training, participants will be able to:
- Understand how a DevSecOps program can integrate security into a software development pipeline.
- Build a secure continuous delivery pipeline.
- Automate security testing for a software delivery workflow.
Format of the Course
- Interactive lecture and discussion.
- Lots of exercises and practice.
- Hands-on implementation in a live-lab environment.
Course Customization Options
- To request a customized training for this course, please contact us to arrange.
- 14 hours (usually 2 days including breaks)
- An understanding of the DevOps process
DevSecOps at a Glance
- CI (Continuous Integration) and CD (Continuous Delivery)
- Shifting security to the left, the DevOps way
DevSecOps Method Theories
- Security for DevOps technologies
- When and how security interacts with the application and the development lifecycle
- Shared ownership of security responsibilities and activities
DevSecOps with Jenkins
- Creating an agent
- Creating a pipeline job
- Using SYNK and SonarQube for SAST security scanning
- Using Arachini and OWASP-ZAP for DAST security scanning
- Using Anchore and Aqua MicroScanner for image security scanning
- Developing a DevSecOps pipeline
- Enabling CI and CD
- Automating security testing with Gaunit
- Running an automated attack
Application Security Automation
- Automating and refactoring XSS attack
- Automating SQLi attack
- Automating a fuzzer
- Testing security in software delivery pipelines
Summary and Conclusion
Conquering The Web
- Retrieving web pages
- Parsing HTML and XML
- Filling web forms automatically
- Creating web applications in Python