Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

Microsoft

AZ-400: Implement security and validate code bases for compliance

Microsoft via Microsoft Learn

Overview

  • Module 1: Understand security in the Pipeline
    • Plan to DevSecOps
    • Integrate security tools like WhiteSource, Micro Focus, Checkmarx and Veracode with Azure DevOps
    • Implement pipeline security
    • Use Secure DevOps kit for Azure (AzSK)
  • Module 2: Introduction to Azure Security Center
  • By the end of this module, you'll be able to:

    • Configure Azure Security Center
    • Understand Azure policies
    • Describe initiatives, resource locks and Azure Blueprints
    • Work with Microsoft Defender for Identity
  • Module 3: Implement open-source software
  • By the end of this module, you'll be able to:

    • Implement open-source software
    • Explain corporate concerns for open-source components
    • Describe open-source licenses
    • Understand the license implications and ratings
  • Module 4: Manage anti-malware and anti-spam policies
  • By the end of this module, you'll be able to:

    • Manage anti-malware and anti-spam policies
    • Inspect and validate code bases for compliance
    • Implement OWASP Security Coding Practices
    • Understand compliance for code bases
  • Module 5: Integrate license and vulnerability scans
  • By the end of this module, you'll be able to:

    • Implement security validation
    • Work with SonarCloud
    • Interpret alerts from scanner tools
    • Configure GitHub Dependabot alerts and security
  • Module 6: Identify technical debt
  • By the end of this module, you'll be able to:

    • Identify and manage technical debt
    • Integrate code quality tools
    • Plan code reviews
    • Describe complexity and quality metrics

Syllabus

  • Module 1: Understand security in the Pipeline
    • Introduction
    • Understand DevSecOps
    • Explore rugged DevOps pipeline
    • Explore software composition analysis (SCA)
    • Integrate WhiteSource with Azure DevOps pipeline
    • Integrate Micro Focus Fortify with Azure Pipelines
    • Integrate Checkmarx with Azure DevOps
    • Integrate Veracode with Azure DevOps
    • Integrate software composition analysis checks into pipelines
    • Implement pipeline security
    • Secure DevOps kit for Azure (AzSK)
    • Knowledge check
    • Summary
  • Module 2: Introduction to Azure Security Center
    • Introduction
    • Explore Azure Security Center
    • Examine Azure Security Center usage scenarios
    • Explore Azure Policy
    • Understand policies
    • Explore initiatives
    • Explore resource locks
    • Explore Azure Blueprints
    • Understand Microsoft Defender for Identity
    • Knowledge check
    • Summary
  • Module 3: Implement open-source software
    • Introduction
    • Explore how software is built
    • What is open-source software?
    • Explore corporate concerns with open-source software components
    • Introduction to open-source licenses
    • Explore common open-source licenses
    • Examine license implications and ratings
    • Knowledge check
    • Summary
  • Module 4: Manage anti-malware and anti-spam policies
    • Introduction
    • Inspect and validate code bases for compliance
    • Plan to implement OWASP Secure Coding Practices
    • Knowledge check
    • Summary
  • Module 5: Integrate license and vulnerability scans
    • Introduction
    • Implement continuous security validation
    • Explore OWASP ZAP penetration test
    • Explore OWASP ZAP results and bugs
    • Examine tools for assess package security and license rate
    • Explore SonarCloud
    • Interpret alerts from scanner tools
    • Explore CodeQL in GitHub
    • Implement GitHub Dependabot alerts and security updates
    • Knowledge check
    • Summary
  • Module 6: Identify technical debt
    • Introduction
    • Examine code quality
    • Examine complexity and quality metrics
    • Introduction to technical debt
    • Measure and manage technical debt
    • Integrate other code quality tools
    • Plan effective code reviews
    • Knowledge check
    • Summary

Reviews

Start your review of AZ-400: Implement security and validate code bases for compliance

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.