DevOps Security Considerations: DevSecOps Principles

DevOps    |    Intermediate
  • 11 Videos | 56m 25s
  • Includes Assessment
  • Earns a Badge
Likes 165 Likes 165
Explore core concepts, benefits, and different phases of DevSecOps in this 11-video course, which compares DevOps with DevSecOps. In this course, learners will explore the prominent DevSecOps tools that are used to integrate security throughout the DevOps pipeline and illustrate the DevSecOps maturity model. Watch demonstrations of how to integrate security and testing into DevSecOps environment. Learn how to secure Jenkins secrets to store and manage credentials; to use Jenkins OAuth plugin to securely pull from GitHub (a Git repository hosting company); and to use pen test tool to conduct penetration testing on deployed applications. Explore the prominent categories of tools provided by OWASP (Open Web Application Security Project) to secure applications. OWASP comes with Top 10 Issue Ruleset, and provides proper guidelines to ensure that those issues are taken care of when applications are written. Other key topics include Jenkins credentials, Static Application Security Testing (SAST), and Dynamic Application Security Testing (DAST).

WHAT YOU WILL LEARN

  • discover the key concepts covered in this course
    compare DevOps and DevSecOps and describe the benefits of adopting the DevSecOps paradigm
    list the essential phases of the DevSecOps workflow and describe the critical checklists that can help secure DevOps implementations
    describe DevSecOps tools that are used by development teams to integrate security throughout the DevOps pipeline
    describe the DevSecOps Maturity Model and the dimensions that can help automate security checks
    describe how security and testing can be integrated into a DevSecOps environment without compromising speed, security, or quality
  • use the Jenkins OAuth plugin to securely pull from GitHub
    recall best practices for securing Jenkins Secrets to store and manage credentials
    list the categories of tools provided by OWASP to secure applications
    use penetration testing tools to conduct penetration testing on deployed application to identify vulnerabilities
    summarize the key concepts covered in this course

IN THIS COURSE

EARN A DIGITAL BADGE WHEN YOU COMPLETE THIS COURSE

Skillsoft is providing you the opportunity to earn a digital badge upon successful completion of this course, which can be shared on any social network or business platform

Digital badges are yours to keep, forever.

YOU MIGHT ALSO LIKE

COURSE Scaling DevOps: Pipelines at Scale
Likes 11 Likes 11  
COURSE Adopting the DevOps Mindset
Likes 117 Likes 117  
COURSE SecOps Engineer: Secure Coding
Likes 23 Likes 23  

PEOPLE WHO VIEWED THIS ALSO VIEWED THESE

COURSE Defensive Coding Fundamentals for JavaScript and HTML5
Likes 108 Likes 108  
COURSE Certified Secure Software Lifecycle Professional (CSSLP) 2019: Secure Coding Practices
Likes 151 Likes 151  
COURSE Certified Secure Software Lifecycle Professional (CSSLP) 2019: Secure Lifecycle Management
Likes 75 Likes 75