DevOps Security Considerations: DevSecOps Principles
DevOps
| Intermediate
- 11 videos | 56m 25s
- Includes Assessment
- Earns a Badge
Explore core concepts, benefits, and different phases of DevSecOps in this 11-video course, which compares DevOps with DevSecOps. In this course, learners will explore the prominent DevSecOps tools that are used to integrate security throughout the DevOps pipeline and illustrate the DevSecOps maturity model. Watch demonstrations of how to integrate security and testing into DevSecOps environment. Learn how to secure Jenkins secrets to store and manage credentials; to use Jenkins OAuth plugin to securely pull from GitHub (a Git repository hosting company); and to use pen test tool to conduct penetration testing on deployed applications. Explore the prominent categories of tools provided by OWASP (Open Web Application Security Project) to secure applications. OWASP comes with Top 10 Issue Ruleset, and provides proper guidelines to ensure that those issues are taken care of when applications are written. Other key topics include Jenkins credentials, Static Application Security Testing (SAST), and Dynamic Application Security Testing (DAST).
WHAT YOU WILL LEARN
-
discover the key concepts covered in this coursecompare DevOps and DevSecOps and describe the benefits of adopting the DevSecOps paradigmlist the essential phases of the DevSecOps workflow and describe the critical checklists that can help secure DevOps implementationsdescribe DevSecOps tools that are used by development teams to integrate security throughout the DevOps pipelinedescribe the DevSecOps Maturity Model and the dimensions that can help automate security checksdescribe how security and testing can be integrated into a DevSecOps environment without compromising speed, security, or quality
-
use the Jenkins OAuth plugin to securely pull from GitHubrecall best practices for securing Jenkins Secrets to store and manage credentialslist the categories of tools provided by OWASP to secure applicationsuse penetration testing tools to conduct penetration testing on deployed application to identify vulnerabilitiessummarize the key concepts covered in this course
IN THIS COURSE
-
1.Course Overview1m 8sUP NEXT
-
2.DevOps and DevSecOps3m 40s
-
3.Phases of the DevSecOps Workflow12m 52s
-
4.DevSecOps Tools7m 34s
-
5.DevSecOps Maturity Model7m 20s
-
6.DevSecOps Best Practices5m 24s
-
7.Jenkins OAuth5m 4s
-
8.Managing Jenkins Credentials3m 26s
-
9.OWASP Tools6m 16s
-
10.Penetration Testing2m 4s
-
11.Course Summary1m 38s
EARN A DIGITAL BADGE WHEN YOU COMPLETE THIS COURSE
Skillsoft is providing you the opportunity to earn a digital badge upon successful completion on some of our courses, which can be shared on any social network or business platform.
Digital badges are yours to keep, forever.