Course Overview
What You Will Learn
Understand the DevOps culture and principles and learn about the exhaustive list of tools and technologies that enable adopting DevOps methodologies.
Understand the security bottlenecks while implementing DevOps and learn the DevSecOps culture, philosophy, practices, and tools to enhance collaboration and communication across the development and operations teams.
Transform the organization’s security practices from the traditional approach by integrating security into Continuous Delivery workflows.
Understand the DevSecOps toolchain and include security controls in the DevOps automated pipeline.
Learn to integrate Eclipse and GitHub with Jenkins to build applications.
Align various security practices like security requirement gathering, threat modelling, secure code reviews, etc., with the development workflow.
Learn to integrate threat modelling tools like Threat Dragon, Threat Modeler, and Threatspec.
Integrate Jira and Confluence to manage security requirements.
Learn integration of security plugins, scanners, and Software Composition Analysis (SCA) tools with IDEs to detect and mitigate vulnerabilities during development and implement a Shift-Left security approach.
Learn to use Jenkins in creating a secure CI/CD pipeline.
Understand and implement continuous security testing using various tools.
SAST Tools: Snyk, SonarQube, Checkmarx
DAST Tools: StackHawk, OWASP ZAP Baseline Scan
IAST Tools: Checkmarx, NetSparker
SCA Tools: Debricked, WhiteSource Bolt, OWASP Dependency-Check
Integrate RASP tools like Hdiv, Sqreen, and Dynatrace to protect applications during runtime with fewer false positives and remediate known vulnerabilities.
Integrate SonarLint with Eclipse, Visual Studio, and VS Code IDEs.