Thank you for sending your enquiry! One of our team members will contact you shortly.
Thank you for sending your booking! One of our team members will contact you shortly.
Course Outline
Introduction to DevSecOps
- The significance of integrating security into the DevOps process
- Core principles and practices of DevSecOps
Continuous Integration (CI) Security
- Securing code repositories (GitLab integration with Jenkins)
- Automated code quality and security analysis using SonarQube
- Implementing static code analysis as part of the Jenkins CI pipeline
Container Security with Docker
- Creating secure Docker images
- Managing Docker image repositories with Harbor
- Best practices for vulnerability scanning and image version control
Establishing Secure CI/CD Pipelines
- Configuring Jenkins for security integration
- Conducting SonarQube analysis
- Generating and securing Docker images
Securing the Deployment Process with Kubernetes
- Security practices for Kubernetes orchestration
- The role of the Kubernetes Orchestrator in secure progressive deployment
- Implementing RBAC (Role-Based Access Control) and securing service communication
Integrating RabbitMQ, PostgreSQL, and MongoDB
- Secure communication between services
- Data security practices for PostgreSQL and MongoDB
- Hardening RabbitMQ for secure messaging
Identity and Access Management with Keycloak
- Configuring Keycloak for user authentication and authorization
- Managing identity for Kubernetes clusters
Implementing Security in Kubernetes
- Deploying applications securely on Kubernetes
- Integrating Keycloak with Docker and Kubernetes for identity management
Monitoring and Auditing in DevSecOps
- Tools and techniques for continuous monitoring
- Auditing deployments and maintaining compliance
- Practical guide to automating rollback on security failures
Summary and Next Steps
Requirements
- A solid understanding of the DevOps process
- Basic working knowledge of Docker containers and Kubernetes orchestration
Audience
- DevOps professionals
14 Hours
Testimonials (2)
Craig was extremely involved in the training, always making sure we are paying attention, adapted the examples to our day-to-day activities and always provided an answer when asked, even if the information was not added in the presentation.
Ecaterina Ioana Nicoale - BOOKING HOLDINGS ROMANIA SRL
Course - DevOps Foundation®
High level of commitment and knowledge of the trainer
