DevSecOps Bootcamp

Year of release: 2024
Producer: Techworld with nana
Producer's website: https://www.techworld-with-nana.com/devsecops-bootcamp
Author: Nana
Duration: ~27h
Type of material distributed: Video lesson
Language: English

Description: Stand out and 10x your value with these in-demand skills. Cybercrime is expected to cost companies 10.5 Trillion annually. With the rate of attacks increasing, the demand for DevSecOps skills is at an all-time high. Be recognized as a top tech professional and land high-paying jobs.

Integrate Security in every step of DevOps

You will learn
DevSecOps concepts, like SAST, SCA, DAST and Security as Code
Various Security Scanning Tools, like GitLeaks, Semgrep, njsScan, RetireJS, Zap, Trivy, TFSec
Secrets Management with Vault, KMS
Various DevSecOps tools: DefectDojo, Vault, AWS Secrets Manager, InSpec
Concepts and Tools for Observability, GitOps, Cloud Security, Image Security
Compliance as Code, Policy as Code
Roles and Responsibilities in DevSecOps in practice

You will be able to
Implement complete DevSecOps processes at your work
Build secure CI/CD pipelines
Drive adoption of DevSecOps at your company
Automate security checks to prevent workflow bottlenecks
Detect, visualize, analyze and remediate security vulnerabilities
Secure AWS Cloud and write secure IaC
Secure Kubernetes cluster with automation and security best practices

Contents

part 1

Getting Started with the DevSecOps Bootcamp
1 Why learn DevSecOps
2 Pre-Requisites of Bootcamp
3 DevSecOps Bootcamp Curriculum Overview
4 Support and Other Bootcamp Materials
5 Certified DevSecOps Practitioner – Applying for Digital Badge

Security Essentials
6 Introduction to Security (1 – Security Essentials)
7 Importance of Security & Impact of Security Breaches
8 How to Secure Systems Against Attacks
9 Types of Security Attacks – Part 1
10 Types of Security Attacks – Part 2
11 OWASP top 10 – Part 1
12 OWASP top 10 – Part 2
13 Security in Layers

Introduction to DevSecOps
14 Issues with Traditional Approach to Security (2 – Introduction to DevSecOps)
15 Understand DevSecOps
16 Roles & Responsibilities in DevSecOps

Application Vulnerability Scanning
17 Build a Continuous Integration Pipeline (3 – Application Vulnerability Scanning)
18 Impact of Missing Security Insights
19 Secret Scanning with GitLeaks – Local Environment
20 Pre-commit Hook for Secret Scanning & Integrating GitLeaks in CI Pipeline
21 False Positives & Fixing Security Vulnerabilities
22 Integrate SAST Scans in Release Pipeline

Vulnerability Management and Remediation
23 Generate Security Scanning Reports (4 – Vulnerability Management and Remediation)
24 Introduction to DefectDojo, Managing Security Findings, CWEs
25 Automate Uploading Security Scan Results to DefectDojo
26 Fix Security Issues Discovered in the DevSecOps Pipeline

Vulnerability Scanning for Application Dependencies
27 Software Composition Analysis – Security Issues in Application Dependencies (5 – Vulnerability Scanning for Application Dependencies)
28 Import SCA Scan Reports in DefectDojo, Fixing SCA Findings, CVEs
29 Overview of Static Security Scans in CI Pipeline

Build a CD Pipeline
30 Overview of a CICD Pipeline (6 – Build a CD Pipeline)
31 Introduction to Security Layers for AWS Access
32 Integrate CICD Pipeline with AWS ECR
33 Configure Application Deployment Environment on EC2 Server
34 Deploy Application to EC2 Server with Release Pipeline
35 Configure Self-Managed GitLab Runner for Pipeline Jobs
36 Build Application Images on Self-Managed Runner, Leverage Docker Caching

Image Scanning – Build Secure Docker Images
37 Overview of Image Security (7 – Image Scanning – Build Secure Docker Images)
38 Configure Automated Security Scanning in Application Image
39 Analyze & Fix Security Issues from Findings in Application Image
40 Automate Uploading Image Scanning Results in DefectDojo
41 Docker Security Best Practices
42 Configure Automated Image Security Scanning in ECR Image Repository
43 Overview of Automated Application Code and Image Scanning Steps

AWS Cloud Security & Access Management
44 AWS Security Essentials (8 – AWS Cloud Security & Access Management)
45 Understand AWS Access Management using IAM Service
46 Securing AWS Root User Account
47 IAM Users, Groups & Policies
48 Secure Access from CICD Pipeline to AWS
49 Understand Importance of IAM Roles in AWS Cloud Security
50 Overview of IAM Resources & Secure Access Management in AWS

Secure Continuous Deployment & DAST
51 Security Essentials for Accessing Deployment Server (9 – Secure Continuous Deployment & DAST)
52 Configure AWS Systems Manager for EC2 Server
53 AWS SSM Commands in Release Pipeline for Server Access
54 Secure Continuous Deployment to Server using SSM
55 Secure Access to AWS with IAM Roles & Short-Lived Credentials
56 Overview of AWS Security Measures and Continuous Security Improvements
57 Understand Dynamic Application Security Testing (DAST)
58 Configure Automated DAST Scans in CICD Pipeline
59 Overview of Complete DevSecOps Pipeline with Static and Dynamic Security Scans

IaC and GitOps for DevSecOps
60 Understand Impact of IaC in Security & DevSecOps (10 – IaC and GitOps for DevSecOps)
61 Terraform Script for AWS Infrastructure Provisioning
62 Replace Manually Created Infrastructure with Automatically Provisioned Resources
63 Build CICD Pipeline for Infrastructure Code using GitOps Principles
64 Configure Remote State for Terraform
65 Add Automated Security Scan to TF Infrastructure Code
66 Understand IaC Concept Cattle vs Pets

Logging & Monitoring for Security
67 Understand Need for Logging and Monitoring in Security (11 – Logging & Monitoring for Security)
68 Introduction to CloudTrail and CloudWatch
69 CloudTrail Event History
70 Configure Multi-Region Trail in CloudTrail & Forward Logs to CloudWatch
71 Create CloudWatch Alarm for EC2 Instance
72 Create Custom Metric Filter for Failed Login Metrics
73 Configure Alarm for Failed Login Attempts
74 Configure AWS Budgets for Monthly Usage Costs
75 Complete Bootcamp Part 1 – Next Steps

part 2

76 Kubernetes Security Overview
77 Kubernetes Security Best Practices
78 Provision AWS EKS Cluster
79 Chapter Introduction
80 Role Based Access Control RBAC
81 IAM Roles and K8s Roles How it works
82 Configure IAM Roles and link to K8s Roles in IaC
83 Configure K8s Role and ClusterRole in IaC
84 Review and Test Access
85 Summary Wrap Up
86 Using GitLab OIDC in AWS
87 Configure Authentication with GitLab Identity Provider
88 Pipeline Configuration for establishing a secure connection
89 Terraform Configuration for EKS provisioning
90 Summary Wrap Up
91 Introduction to EKS Blueprints
92 Overview of EKS Add ons we install
93 Configure EKS Add ons
94 Troubleshooting Tuning Autoscaler
95 Access Token Expiration
96 Chapter Overview
97 ArgoCD explained Part 1 What Why and How
98 ArgoCD explained Part 2 Benefits and Configuration
99 Overview of CI or CD Pipelines to Git repositories
100 Configure ArgoCD in IaC Deploy Argo Part 1
101 IaC Pipeline Configuration Deploy Argo Part 2
102 Deployment through Pipeline and Access Argo UI Deploy Argo Part 3
103 K8s Manifests for Microservices App using Kustomize
104 Create GitOps Pipeline to update Kustomization File
105 Create CI Pipeline that triggers GitOps Pipeline
106 See Whole Automated Workflow in Action
107 Why Policy as Code
108 Introduction to Open Policy Agent OPA and OPA Gatekeeper
109 How Gatekeeper and OPA works
110 Install OPA Gatekeeper in Cluster
111 Defining Policies
112 Define Policy to reject NodePort Service
113 Define Policy to reject Privileged Containers
114 Summary
115 Why Secrets Manager are needed
116 Introduction to External Secrets Operator in K8s
117 Capabilities of Secrets Management Tools
118 Vault Capabilities Vault Deep Dive Part 1
119 How Vault works Vault Deep Dive Part 2
120 Introduction to AWS Secrets Manager
121 Deploy External Secrets Controller Demo Part 1
122 Create SecretStore and ExternalSecret
123 Use Secret in Microservice Demo Part 3
124 Chapter and Demo Overview
125 Service Mesh and Istio What Why and How
126 Install Istio in K8s cluster
127 Configure Traffic Routing
128 Configure a Secure Gateway
129 mTLS Deep Dive
130 Authorization in Istio Deep Dive
131 Istio Policies vs K8s Network Policies
132 Configure Authorization Policies
133 Wrap Up
134 What is Compliance
135 What are CIS Benchmarks
136 Why Compliance as Code
137 Demo Overview and Introduction to AWS Config
138 Setting up AWS Config Rules
139 Configure Auto Remediation for Insecure Security Groups for EC2 Instances
140 Configure Auto Remediation for CloudTrail Logging if switched off
141 Configure Compliance Rules for AWS EKS Service
142 Wrap Up
143 Why DevSecOps is Important
144 Driving Cultural Change Real World Examples of Companies
145 How to start implementing DevSecOps in Organizations Practical Tips
146 Final Summary. The DevSecOps Transformation
147 Apply for the Certified DevSecOps Practitioner credential Digital Badge

PDF

01 Security Essentials
02 Intro to DevSecOps
03 App Vulnerability Scanning
04 Vulnerability Management
05 Vulnerability Scanning for App Dependencies
06 Set up CD Pipeline
07 Image Scanning
08 AWS Cloud Security and Access Management
09 Secure Continuous Deployment & DAST
10 IaC and GitOps for DevSecOps
11 Logging & Monitoring for Security
12 Introduction to Kubernetes Security
13 Kubernetes Access Management
14 Secure IaC Pipeline for EKS Provisioning
15 EKS Blueprints
16 App Release Pipeline with ArgoCD
17 Policy as Code
18 Secrets Management
19 Service Mesh with Istio
20 Compliance as Code