Course Outline

Day One:

Introduction

DevSecOps at a Glance

  • CI (Continuous Integration) and CD (Continuous Delivery)
  • Shifting security to the left, the DevOps way

DevSecOps Method Theories

  • Security for DevOps technologies
  • When and how security interacts with the application and the development lifecycle
  • Shared ownership of security responsibilities and activities

Day Two:

DevSecOps with Jenkins

  • Creating an agent
  • Creating a pipeline job
  • Using SYNK and SonarQube for SAST security scanning
  • Using Arachini and OWASP-ZAP for DAST security scanning
  • Using Anchore and Aqua MicroScanner for image security scanning
  • Developing a DevSecOps pipeline
  • Enabling CI and CD

Security Automation

  • Automating security testing with Gaunit
  • Running an automated attack

Application Security Automation

  • Automating and refactoring XSS attack
  • Automating SQLi attack
  • Automating a fuzzer
  • Testing security in software delivery pipelines

Summary and Conclusion

Requirements

  • An understanding of the DevOps process

Audience

  • DevOps
  14 Hours
 

Need help picking the right course?
Call us +971 4871 6715

Testimonials

It gave me a better understanding of Zabbix monitoring

- Leicestershire County Council

Firstly, learners will sum up their experience in the game, explain it carefully, and gain a deeper understanding of knowledge.

优 翟

Edutainment

莎娜 陶

Hands-on part

纪鹏 曾

Time to exchange information between participants.

Gabriel Tendera

references to the trainer's design experience while discussing specific issues

Techland sp. z o.o.;

Real-life examples.

Techland sp. z o.o.;

Examples and / or hypothetical use of the discussed concepts.

Techland sp. z o.o.;

Everything. It was very understandable, and if we didn't understand something, Adriano explained it.

Zsolt Nagy - W.UP Kft

I understand (almost) everything which Adriano explained us. Good tematics, understandable presentation.

- W.UP Kft

The use case based approach and the trainer's up to date knowledge base.

Gabor Marosi - W.UP Kft

Related Courses

Argo CD

  7 hours
Argo CD (also referred to as argocd, argo-cd, and argoproj) is a declarative, continuous delivery tool for Kubernetes clusters that simplifies application monitoring and deployment. This instructor-led, live training (online or onsite) is aimed
Read More...

AZ-400T00-A: Designing and Implementing Microsoft DevOps solutions

  35 hours
This course provides the knowledge and skills to design and implement DevOps processes and practices. Students will learn how to plan for DevOps, use source control, scale Git for an enterprise, consolidate artifacts, design a dependency management
Read More...

Continuous Delivery Ecosystem Foundation (CDEF)®

  14 hours
OVERVIEW This course is designed for participants who are engaged in the design, implementation, and management of DevOps deployment pipelines and toolchains that support Continuous Integration, Continuous Delivery, Continuous Testing and
Read More...

Continuous Testing Foundation (CTF)®

  14 hours
OVERVIEW  This comprehensive course addresses testing in a DevOps environment and covers concepts such as the active use of test automation, testing earlier in the development cycle, and instilling testing skills in developers, quality
Read More...

DevOps Engineering Foundation (DOEF)®

  14 hours
OVERVIEW DevOps is a complex maze that has many leaders frustrated. Many enterprises struggle with their DevOps journey, or even knowing where to start. There are many layers of people, process and technologies across each organization that are
Read More...

DevOps Foundation®

  14 hours
OVERVIEW As organizations are facing new entrants in their respective markets, they need to stay competitive and release new and updated products on a regular basis rather than one or two times a year.  The DevOps Foundation course
Read More...

DevOps Leader (DOL)®

  14 hours
OVERVIEW  The DevOps Leader course is a unique and practical experience for participants who want to take a transformational leadership approach and make an impact within their organization by implementing DevOps. Leading people through a
Read More...

Value Stream Management Foundation®

  14 hours
OVERVIEW The Value Stream Management Foundation course from Value Stream Management Consortium, and offered in partnership with DevOps Institute, is an introductory course taking learners through a value stream management implementation journey.
Read More...

DevSecOps Foundation (DSOF)®

  14 hours
OVERVIEW  As companies deploy code faster and more often than ever, new vulnerabilities are also accelerating. When the boss says, “Do more with less”, DevOps practices adds business and security value as an integral, strategic
Read More...

DevSecOps Practitioner (DSOP)®

  21 hours
OVERVIEW The DevSecOps Practitioner course is intended as a follow-on to the DevSecOps Foundation course. The course builds on previous understanding to dive into the technical implementation. Each section highlights useful metrics as well as
Read More...

Site Reliability Engineering (SRE) Foundation®

  14 hours
OVERVIEW  The SRE (Site Reliability Engineering) Foundation course is an introduction to the principles & practices that enable an organization to reliably and economically scale critical services. Introducing a site-reliability
Read More...

Kubernetes with Spinnaker

  14 hours
Kubernetes is an open source container-orchestration system for automating CI/CD management. Spinnaker is an open source multi-cloud CD platform for releasing software with efficiency. With Kubernetes and Spinnaker, users can employ immutable
Read More...

IT Operations Analytics

  7 hours
IT Operations Analytics (ITOA) is an approach for retrieving, analyzing, and reporting data for IT operations. ITOA is also known as "advanced operational analytics" or "IT data analytics". This instructor-led, live training
Read More...

Atlassian OpsGenie for DevOps Engineers

  14 hours
Atlassian OpsGenie is an incident management platform for monitoring critical alerts. It is a cloud-based service that integrates with monitoring tools to manage on-call notifications and accelerate the speed of response. This instructor-led,
Read More...

SonarQube for DevOps

  14 hours
SonarQube is a code quality testing tool developed by SonarSource for performing automatic reviews to detect bugs and security vulnerabilities. It can be integrated easily into existing workflows and build pipelines for continuous code
Read More...