Microsoft Azure DevOps Engineer: Implement a Secure and Compliant Development Process

Focused View

Neil Morrissey

1:57:57

35 View

01 - Course Overview

01 - Course Overview.mp4

01:49

02 - Implementing Code Analysis Security Workflow

02 - Introduction.mp4

01:28

03 - DevSecOps and Shifting Security Left.mp4

03:48

04 - Automated Security Testing Tools in Azure DevOps Pipelines.mp4

05:36

05 - Examples of Security Vulnerabilities.mp4

05:41

06 - Demo- Automated Testing in an Azure DevOps Pipeline.mp4

06:33

07 - Module Summary.mp4

00:51

03 - Implementing Security Scanning in Your Build Pipeline Concepts

7.mp4

02:09

08 - Introduction.mp4

01:22

09 - Create an Azure DevOps Build Pipeline.mp4

03:48

10 - Adding WhiteSource Bolt to the Build Pipeline.mp4

04:16

11 - Module Summary.mp4

00:53

12 - Understanding Microsoft Roslyn Security Analyzers.mp4

04:52

13 - Install and Configure Roslyn Security Analyzers.mp4

05:44

14 - Security Scanning in Build Tasks.mp4

03:16

15 - Adding Third-party Security Scanning Tools.mp4

01:40

16 - Configuring SonarCloud in an Azure DevOps Pipeline.mp4

08:50

17 - Adding SonarCloud Comments to Pull Requests.mp4

05:25

18 - Scanning Open-source Libraries for Vulnerabilities.mp4

04:53

04 - Implementing Automated Penetration Testing for Your Projects

19 - Introduction.mp4

01:18

20 - Updating Pipeline to Deploy to Azure App Service .mp4

06:40

21 - Understanding OWASP Zap.mp4

05:14

22 - Penetration Testing with OWASP Zap.mp4

03:19

23 - Passive Scanning in a CI Release Pipeline.mp4

06:41

24 - Active Scanning in a Nightly Release Pipeline.mp4

02:15

25 - Module Summary.mp4

00:50

05 - Managing Secrets, Tokens, and Certificates

26 - Introduction.mp4

00:35

27 - Secret Management and Azure Key Vault.mp4

03:49

28 - Retrieving Secrets with the Azure Key Vault Task.mp4

10:00

29 - Azure Key Vault Secrets and Pipeline Variable Groups.mp4

03:34

30 - Module Summary.mp4

00:48

Description

This course will teach you how to implement secure development practices and automated security testing into your Azure DevOps Pipelines. You'll learn to integrate code scanning, penetration testing, and secret management into Pipelines.

What You'll Learn?

It's no longer acceptable to just perform security testing at the end of long development cycles. With modern DevOps practices, frequent production releases are normal, so an approach is needed to automate security testing in the CI/CD process. In this course, Microsoft Azure DevOps Engineer: Implement a Secure and Compliant Development Process, you'll learn how to implement secure development practices in your Azure DevOps Pipelines. First, you'll learn how to integrate automated code scanning in your pipelines to detect coding errors that could cause security vulnerabilities. Next, you'll discover how to implement tasks to detect vulnerabilities in open source libraries your code uses. Then, you'll explore how to automatically conduct a penetration test when your application is deployed to a test environment. Finally, you'll learn how to properly handle application secrets like database passwords or certificates in your deployment process. When you're finished with this course, you'll have the skills and knowledge needed to integrate secure development practices into your Azure DevOps Pipelines.

More details

User Reviews

Rating

average 0

Total votes0

Focused display

Microsoft Azure

DevOps

Neil Morrissey

Instructor's Courses

Neil has worked on everything from early mobile .NET compact framework apps to modern Azure based web apps during his years in IT. As a developer and architect, he has focused on .NET and JavaScript application development, security, and hosting across a variety of Microsoft platforms, including ASP.NET, SharePoint, and Dynamics CRM. Neil has several Microsoft Certifications, including MCPD, MCSA, and MCSD.

Pluralsight

View courses Pluralsight

Pluralsight, LLC is an American privately held online education company that offers a variety of video training courses for software developers, IT administrators, and creative professionals through its website. Founded in 2004 by Aaron Skonnard, Keith Brown, Fritz Onion, and Bill Williams, the company has its headquarters in Farmington, Utah. As of July 2018, it uses more than 1,400 subject-matter experts as authors, and offers more than 7,000 courses in its catalog. Since first moving its courses online in 2007, the company has expanded, developing a full enterprise platform, and adding skills assessment modules.