Thank you for sending your enquiry! One of our team members will contact you shortly.
Thank you for sending your booking! One of our team members will contact you shortly.
Course Outline
Day 01
Introduction
Overview of DevSecOps
- Continuous Integration (CI) and Continuous Delivery (CD)
- Shifting security to the left, adopting the DevOps approach
DevSecOps Methodologies
- Security considerations for DevOps technologies
- The timing and nature of security interactions with applications and the development lifecycle
- Shared ownership of security responsibilities and activities
Day 02
Implementing DevSecOps with Jenkins
- Creating an agent
- Setting up a pipeline job
- Utilizing SYNK and SonarQube for SAST security scanning
- Utilizing Arachni and OWASP-ZAP for DAST security scanning
- Utilizing Anchore and Aqua MicroScanner for image security scanning
- Developing a DevSecOps pipeline
- Enabling CI and CD
Security Automation
- Automating security testing with Gaunit
- Executing an automated attack simulation
Application Security Automation
- Automating and refactoring XSS attack simulations
- Automating SQLi attack simulations
- Automating a fuzzer
- Conducting security testing within software delivery pipelines
Summary and Next Steps
Requirements
- A fundamental understanding of the DevOps process
Audience
- DevOps professionals
14 Hours
Testimonials (2)
Craig was extremely involved in the training, always making sure we are paying attention, adapted the examples to our day-to-day activities and always provided an answer when asked, even if the information was not added in the presentation.
Ecaterina Ioana Nicoale - BOOKING HOLDINGS ROMANIA SRL
Course - DevOps Foundation®
High level of commitment and knowledge of the trainer
