CI/CD Pipeline Security: The Complete DevSecOps course 2024

Focused View

M Khalil,M Torkey,Cloudsark

7:31:50

629 View

1. Introduction to Docker

1. Introduction to Docker.mp4

04:16

2. Introduction to Docker and Virtual Machines.mp4

04:34

3. Setting Up Your Docker Environment - Windows Installation.mp4

03:07

4. Setting Up Your Docker Environment - Ubuntu Installation.mp4

03:28

5. Docker Terminology and Architecture.mp4

03:45

6. Docker Basics.mp4

05:47

7. Working with Docker Images.mp4

16:27

8. Managing Containers.mp4

08:04

9. Networking in Docker.mp4

05:40

10. Persistent Storage and Volumes.mp4

07:13

11. Introduction to Docker Compose and Services.mp4

03:45

12. Introduction to Docker Compose - Practical Example.mp4

05:34

13. Multi-container Applications Hands-On.mp4

07:48

14. Scalability and Load Balancing Hands-On.mp4

06:31

2. Introduction to Ansible

1. Introduction to Ansible.mp4

04:09

2. Getting Started with Ansible - Installation Guide on Ubuntu 22.04.mp4

02:33

3. Ansible Essentials - Installing with Pip in a Virtual Environment.mp4

04:28

4. Understanding Ansible- Architecture and Essentials.mp4

05:18

5. Understanding Ansible - Inventory Basics.mp4

05:05

6. Building Blocks of Ansible- Crafting Your First Inventory File.mp4

06:07

7. Anatomy of Ansible- Unraveling Hosts and Groups.mp4

04:07

8. Hands-On Ansible- Implementing Hosts and Groups in Practice.mp4

10:47

9. YAML Essentials for Ansible Automation- A Beginner s Guide.mp4

06:50

10. Playbook Structure.mp4

03:14

11. Create your first ansible playbook.mp4

11:11

12. YAML Essentials for Ansible Automation- Hands-on.mp4

11:32

3. DevSecOps Fundamentals

1. Introduction to DevSecOps.mp4

02:50

2. The Shift-Left Approach.mp4

03:15

3. DevSecOps in the SDLC.mp4

07:18

4. Benefits of Integrating Security Early.mp4

03:33

5. Key DevSecOps Principles.mp4

03:03

4. Core DevSecOps Technologies

1. The Fundamentals of Version Control Systems.mp4

04:38

2. Set Up a Version Control Account - GitHub.mp4

03:11

3. Install git on Windows and Ubuntu.mp4

04:32

4. Configure git.mp4

08:34

5. Practice Initial Commit - Modifications and Adding a New Commit.mp4

07:27

6. Mastering git - presentation.mp4

03:05

7. Branching Fundamentals.mp4

07:24

8. Encountering and Resolving Conflicts.mp4

08:15

9. Pull Requests and Reviews.mp4

08:56

10. Protect Main Branch.mp4

04:43

11. Change repo visibility.mp4

02:01

12. CICD Foundation.mp4

04:01

13. CICD Foundation Hands-On.mp4

09:37

14. Add Linting workflow to GitHub Actions.mp4

13:39

15. Add Unit Testing Work Flow to GitHub Actions.mp4

06:34

16. Building CICD Workflows for DevSecOps.mp4

03:31

17. Secure Your Code Integrating Snyk with GitHub Actions for Python Dependency.mp4

14:33

18. Fortify Your Python Code Integrating Bandit for Enhanced Security.mp4

11:48

19. Prevent Leaks Implementing Secret Detection with GitHub Actions.mp4

05:14

20. CICD with Docker and GitHub Actions Overview.mp4

02:33

21. CICD with Docker and GitHub Actions Hands-On.mp4

24:17

5. DevSecOps Practices

1. Threat Modeling Overview.mp4

03:56

2. Introduction to STRIDE Threat Model.mp4

03:56

3. Introduction to PASTS Model.mp4

05:52

4. Introduction to DREAD Model.mp4

03:14

5. Introduction to Attack Trees Model.mp4

03:51

6. Secure Code

1. Introduction to Secure Code.mp4

04:06

2. Understanding and Preventing Injection Flaws.mp4

16:13

3. Understanding and Preventing Injection Flaws.mp4

11:37

4. Cross-Site Scripting Avoidance.mp4

05:54

7. Infrastructure as Code and Its Security

1. Introduction to Infrastructure as Code.mp4

04:07

2. Introduction to Platform, Infrastructure, and Configuration Management.mp4

04:49

3. Security in Infrastructure as Code.mp4

04:28

4. Push and Pull-Based Configuration Management Systems.mp4

02:34

5. Golden Image Creation with Packer and Ansible.mp4

03:18

6. Lab 1 Building Secure Golden Images with Packer and Ansible.mp4

06:03

7. Lab 2 Building Secure Golden Images with Packer and Ansible.mp4

03:23

8. Lab 3 Building Secure Golden Images with GitHub Actions.mp4

11:27

8. Compliance as Code

1. Automating Compliance- Integrating Standards into DevOps Pipelines.mp4

03:28

2. Secure Your Infrastructure- Writing InSpec Compliance Rules.mp4

06:13

3. Integrating InSpec with Packer for Automated Testing.mp4

03:29

Description

Master DevSecOps: Integrating Security, CI/CD, Docker, Ansible, and Secure Coding Practices

What You'll Learn?

Understand and implement the Shift-Left approach to integrate security early in the SDLC
Master Git and GitHub Actions for effective version control and CI/CD workflows
Utilize Docker and Ansible for secure, scalable container and infrastructure management
Develop skills in threat modeling and secure coding to identify and mitigate vulnerabilities

Who is this for?

IT professionals seeking to integrate security into DevOps processes

Developers interested in learning secure coding and infrastructure practices

Security specialists aiming to master DevSecOps tools and methodologies

System administrators looking to implement CI/CD and automated security checks

What You Need to Know?

Basic programming knowledge in any language to understand automated scripts and code security

Fundamental IT operations knowledge for understanding software deployment

Basic Linux/Unix command line familiarity for using tools and examples

Access to a computer with internet for practicing labs and installing software

Ability to install and configure software to set up the development environment

More details

Description
Welcome to the DevSecOps complete course, this comprehensive DevSecOps course offers an in-depth exploration of the integration of security within the DevOps process. Beginning with the fundamentals of DevSecOps, the course introduces learners to key concepts such as the Shift-Left approach, the role of security in the Software Development Life Cycle (SDLC), and the benefits of early security integration. It progresses into essential version control systems skills, including Git setup and usage, branching strategies, and CI/CD foundations using GitHub Actions.
The course delves into advanced topics like threat modeling with various frameworks, secure coding practices to prevent common vulnerabilities like injection flaws and cross-site scripting, and infrastructure as code (IaC) for managing and securing configurations. It also covers compliance automation and Docker's role in DevSecOps, providing hands-on experience with Docker images, containers, and compose functionalities.
Furthermore, Ansible is thoroughly explored, from installation to crafting advanced playbooks, equipping participants with the skills to manage infrastructure as code effectively. Each section is designed to build upon the previous, ensuring a structured learning path from basic principles to advanced practices in DevSecOps. This course is ideal for IT professionals, security specialists, and developers looking to integrate security into their DevOps practices.

Enroll Now !
Who this course is for:
IT professionals seeking to integrate security into DevOps processes
Developers interested in learning secure coding and infrastructure practices
Security specialists aiming to master DevSecOps tools and methodologies
System administrators looking to implement CI/CD and automated security checks

User Reviews

Rating

average 0

Total votes0

Focused display

I'm M Khalil, I am a DevOps Engineer with a passion for teaching. I started in the IT field by learning the Linux Operating System and I've been involved with Linux for many years. My first job was a Linux Administrator and I've moved all the way across several roles until I became a DevOps Engineer. I've helped hundreds of thousands of students learn Linux Administration and learn other IT topics. I spend most of my time researching how to make learning Linux and other IT topics simple and make hard concepts easy to understand. I apply everything I discover into my courses. In my courses, you'll find lots of explanations and I always make sure everything is easy to understand.I'll be there for you every step of the way to make sure you understand everything.

M Torkey

Instructor's Courses

Hello! I'm Torkey.Empowering and educating has always been my forte. I am passionate about breaking down complex technical topics into easy-to-digest lessons that align closely with real-world applications. My approach to teaching isn't just theoretical; it's deeply rooted in the countless hours I've spent working hands-on in the field.With years under my belt as a Linux System Engineer, SRE Engineer, and DevOps Engineer, I've had the privilege of collaborating with a diverse range of companies. This experience has enriched my skill set, with proficiency in RedHat Enterprise Linux, CentOS, Ubuntu, SUSE Linux Enterprise Server, Ansible, Terraform, Python, Docker, and Kubernetes, to name a few.If you're a curious learner, aiming to master the tech realms I specialize in, let's embark on this journey together. Whether you're seeking knowledge for professional growth or personal enrichment, I'm here to guide you every step of the way.

Cloudsark

Instructor's Courses

Udemy

View courses Udemy

Students take courses primarily to improve job-related skills.Some courses generate credit toward technical certification. Udemy has made a special effort to attract corporate trainers seeking to create coursework for employees of their company.