Course Outline

Day One:


DevSecOps at a Glance

  • CI (Continuous Integration) and CD (Continuous Delivery)
  • Shifting security to the left, the DevOps way

DevSecOps Method Theories

  • Security for DevOps technologies
  • When and how security interacts with the application and the development lifecycle
  • Shared ownership of security responsibilities and activities

Day Two:

DevSecOps with Jenkins

  • Creating an agent
  • Creating a pipeline job
  • Using SYNK and SonarQube for SAST security scanning
  • Using Arachini and OWASP-ZAP for DAST security scanning
  • Using Anchore and Aqua MicroScanner for image security scanning
  • Developing a DevSecOps pipeline
  • Enabling CI and CD

Security Automation

  • Automating security testing with Gaunit
  • Running an automated attack

Application Security Automation

  • Automating and refactoring XSS attack
  • Automating SQLi attack
  • Automating a fuzzer
  • Testing security in software delivery pipelines

Summary and Conclusion


  • An understanding of the DevOps process


  • DevOps
  14 Hours


Related Courses

Argo CD

  7 hours

AZ-400T00-A: Designing and Implementing Microsoft DevOps solutions

  35 hours

Continuous Delivery Ecosystem Foundation (CDEF)®

  14 hours

Continuous Testing Foundation (CTF)®

  14 hours

DevOps Engineering Foundation (DOEF)®

  14 hours

DevOps Foundation®

  14 hours

DevOps Leader (DOL)®

  14 hours

Value Stream Management Foundation®

  14 hours

DevSecOps Foundation (DSOF)®

  14 hours

DevSecOps Practitioner (DSOP)®

  21 hours

Site Reliability Engineering (SRE) Foundation®

  14 hours

Kubernetes with Spinnaker

  14 hours

IT Operations Analytics

  7 hours

Atlassian OpsGenie for DevOps Engineers

  14 hours

SonarQube for DevOps

  14 hours