Devsecops Essentials - Beginner To Advanced (Hands On Demos)

All the basics you need to know - Get started with DevSecOps and Application Security

What you'll learn

Learn DevSecOps Fundamentals

Learn SAST, SCA, IAC, Container Security, IAC Security Basics

Learn SAST scan using Fortify On Demand

Learn IDE Security Plugins like SonarLint and Snyk

Learn Container Security scan using Snyk

Learn to implement an End to End DevSecOps pipeline using Jenkins

Learn Basics of DevSecOps and Application Security

Learn Intermediate to Advanced level processes in DevSecOps

Learn to create your CV for Security/DevSecOps Jobs

Learn about DevSecOps Maturity Model

Learn SCA scan using Snyk

Learn IAC Security Scan using Checkov from BridgeCrew

Learn to run SAST scan using SonarQube with and without CI/CD pipeline

Learn about Roles and Responsibilities of a DevSecOps Engineer

Requirements

No Programming Knowledge Needed. We will teach about Security and DevSecOps from Scratch

Description

Who shall take this course?This DevSecOps course is designed for Security Engineers, DevOps Engineers, SRE, QA Professionals and Freshers looking to find a job in the field of security. This is a focused DevSecOps course with a special focus on all the basic to advanced level DevSecOps information that is needed to find a job in Security domain and work in an organization. This course also teaches to implement an End to End DevSecOps pipeline for a Java Project.Learn and implement security in DevOps pipeline, get Hands On experience in using Security tools & technologies. This course is for:DevelopersDevOpsSecurity EngineersAspiring professional in the Security domainQuality Assurance EngineersInfoSec/AppSec Professional DevSecOps being the hot skill, will help you to secure a high-salaried job and stay informed on the latest market trends. ––––––––––––––––––––––––––––––––––––––––––––––––––––––––––––––––Why purchase this course?This is only practical hands-on course available on the internet till now.DevSecOps enables rapid application development with agility, at the same time it secures your application with automated security checks integrated within the pipeline. It helps to increase productivity and security by integrating security stages in the pipeline.Also, we have included practical examples to implement security in the DevOps pipeline through various tools.By the end of the course, you will be able to successfully implement DevOps or DevSecOps pipeline and lead initiatives to create, build and maintain security pipelines in your project.No Action required before taking this course. For any question or concerns, Please post your comments on discussions tabDisclaimer: English subtitles are auto-generated so please ignore any grammar mistakes

Overview

Section 1: Introduction

Lecture 1 Introduction and Agenda

Lecture 2 What is DevSecOps and How its different from DevOps?

Section 2: Basic Level Security Concepts for DevSecOps Engineers

Lecture 3 Role and Responsibilities of DevSecOps Engineers in Enterprise Environment

Lecture 4 Static Application Security Testing and tools

Lecture 5 SAST Hands On

Lecture 6 SBOM or Software Bill of Material (Also called SCA)

Lecture 7 SCA Demo

Lecture 8 Dynamic Application Security Testing

Lecture 9 DAST Demo

Lecture 10 Container Security

Lecture 11 Container Security Demo

Lecture 12 Infrastructure As Code

Lecture 13 IAC Security Scanning Demo using Checkov

Lecture 14 What is CWE & CVE & CVSS?

Lecture 15 False Positive Analysis

Lecture 16 FPA Demo

Lecture 17 Report security vulnerabilities in Ticketing tool like JIRA

Section 3: Intermediate Level Concepts for DevSecOps Engineers

Lecture 18 What is DevSecOps Maturity Model?

Lecture 19 Basics of Docker Explained

Lecture 20 SAST scan using Docker

Lecture 21 Basics of Git and GitHub Explained

Lecture 22 Hands On: Git Installation on local system

Lecture 23 Hands On: Learn Git Basics

Lecture 24 Git Commands for reference

Lecture 25 Basics of IDE plugins

Lecture 26 Demo of IDE Pluings - SonarLint

Section 4: Advanced Level Concepts - End to End DevSecOps Pipeline with all tools learned

Lecture 27 Basics of CI/CD and its tools

Lecture 28 Hands On: Most Popular CI/CD Tool Demo - Jenkins Setup

Lecture 29 Implement End to End DevSecOps Pipeline using Jenkins on Windows System

Section 5: Next Steps

Lecture 30 Find Jobs on Job Hunting Platform

Lecture 31 Create CV for DevSecOps Engineer

Lecture 32 Bonus Lecture

This course is for Freshers, Security Engineers, Senior Security Engineers, DevSecOps Engineers, QA Engineers, DevOps Engineers and Security Architects