DevSecOps: Implementing Security in DevOps Processes
DevSecOps: Implementing Security in DevOps Processes
Beginner
5 Hrs
Get the skills to develop, secure, and implement a successful DevSecOps program.
Get the skills to develop, secure, and implement a successful DevSecOps program.
Overview
DevSecOps in the DevOps cycle helps in building security right from scratch into the design, into the code and into the deployment stages. It helps to enhance the efficiency of software security. The aim of DevSecOps is to bridge the gap between security and agility.
In this course, you will be introduced to concepts of DevSecOps through continuous delivery. Before diving deep into the concept, you need to understand the challenges and constraints in DevOps like speed, design, cloud and container. Next, you will learn ways to inject security in DevOps like Shift Security Left, OWASP Proactive Controls, Secure by Default, Making Security Self-Service, Using Infrastructure as Code and the Honeymoon effect. Later the course will explain how to secure code in DevOps deployment. You will understand the lifecycle of continuous delivery and continuous integration, which is a controlled framework.
Explore ways how to secure design by performing a risk assessment and learning aspects of writing and reviewing a secure code. You will be able to perform the practical implementation of Dynamic Scanning (DAST), Fuzzing and Continuous Delivery, Security in Unit and Integration Testing, Automated Attacks, Pen Testing and Bug Bounties and Vulnerability Management. In the end, you will be able to explore various mechanisms for securing the infrastructure and the process of production. The last topic would cover compliance that needs to be followed while writing the codes.
What You Will Learn
- The importance of securing and protecting DevOps pipelines
- The biggest threats to DevOps pipelines
- The threats that exist to software, hardware, network, and cloud infrastructures
- The tools and processes necessary for DevSecOps pipeline implementation
- The practical steps necessary to protect your infrastructure while maintaining agility to react to stakeholder needs
Prerequisites
- Basic IT Experience
- A computer with at least 8 GB of RAM
Content
Chapter 1: Introduction and Importance of DevSecOps
4 Videos
High-level Overview of Course Key Aspects of DevSecOps Section Conclusion $7 Million Cybersecurity Scholarship by EC-Council Chapter 1 Quiz
Preview
Chapter 2: DevOps and CI/CD: Understanding the Difference
8 Videos
Section Introduction Term definition Scope and Purpose Process Implementation and Stages Benefits Challenges and Constraints Section Conclusion Chapter 2 Quiz
Preview
Chapter 3: The Emergence of DevSecOps
7 Videos
Section Introduction DevSecOps Concepts The Problem that DevSecOps Solves Benefits of DevSecOps Overview of DevSecOps Implementation Business Case Examples Section Conclusion Chapter 3 Quiz
Preview
Chapter 4: Inserting Security into DevOps
8 Videos
Section Introduction Using Infrastructure as Code Secure by Default Shift Security Left OWASP Proactive Controls Making Security Self-service Honeymoon Effect Section Conclusion Chapter 4 Quiz
Preview
Chapter 5: Practical Implementation
9 Videos
Section Introduction Pen Testing Security in Unit and Integration Testing Dynamic Scanning (DAST) Fuzzing and Continuous Delivery Instituting Automated Attacks Bug Bounties Vulnerability Management Section Conclusion Chapter 5 Quiz
Preview
Chapter 6: Securing Design
5 Videos
Section Introduction Threat Modeling and Risk Assessment Defining Security Requirements Researching and Verifying Risk Mitigation Section Conclusion Chapter 6 Quiz
Preview
Chapter 7: Securing Code and Software
7 Videos
Section Introduction Importance of Writing Secure Code Manual Reviews Automated Reviews Compliance in Code Generation Ensuring Supplier or Vendor Code is Secure Section Conclusion Chapter 7 Quiz
Preview
Chapter 8: Securing Infrastructure
7 Videos
Section Introduction Conducting a Network Security Audit Training Staff Limiting Access Patches and Remediation Tools and Support Section Conclusion Chapter 8 Quiz
Preview
Chapter 9: Production Processes
5 Videos
Section Introduction Physically Securing Hardware and Network Devices Limit Access and Safeguard Passwords Training and Governance Section Conclusion Chapter 9 Quiz
Preview
Chapter 10: Course Conclusion
3 Videos
Overview of Major Concepts from Course Resources for More Information Thank You and Contact Information
Preview
Instructor
Brian
Get access to only this course
$59.99
One-time PaymentGet access to all 500+ courses with EC-Council Pro
$59.99/Month
Get access to all 500+ courses with EC-Council Pro
$599/Year
Get 2 months free!
Looking to train your team?
Try EC-Council Enterprise ยปReviews
(459 reviews)
5
Average Course Rating
Related Courses
144 enrollments
Course
Bootstrap 4 Quick Website Bootstrap Components Course
$49.99
310 enrollments
Course
The Complete Full-Stack JavaScript Course
$79.99
21 enrollments
Course
React.JS for Ecommerce: Building a Store with React.JS
$49.99