Explore the implementation of secure CI/CD pipelines in this comprehensive DevSecOps tutorial. Learn about the fundamentals of DevOps and SDLC, understand the differences between basic CI/CD and DevSecOps pipelines, and gain hands-on experience setting up a cloud lab environment. Master the process of configuring Jenkins and Tomcat servers, creating build pipelines, and integrating continuous deployment. Dive into essential security practices such as checking Git secrets using Trufflehog, performing source composition analysis with OWASP Dependency Checker, implementing SAST through Sonarqube integration, and conducting DAST with ZAP Baseline Scan. Equip yourself with the knowledge and skills to build robust, secure CI/CD pipelines for modern software development.
Overview
Syllabus
DEVSECOPS#1 Introduction - Implementing Secure CI/CD Pipelines.
DEVSECOPS#2 Overview - CICD Pipeline.
DEVSECOPS#3 DevOps and SDLC.
DEVSECOPS#4 Basic CICD Pipeline and DevSecOps Pipeline.
DEVSECOPS#5 Setting up Cloud Lab Environment.
DEVSECOPS#6 Setting up Jenkins Server.
DEVSECOPS#7 Setting Up Tomcat Server.
DEVSECOPS#8 Creating Build Pipeline in Jenkins.
DEVSECOPS#9 Integrating Continuous Deployement in jenkins Pipeline.
DEVSECOPS#10 Checking Git Secrets in Pipeline using Trufflehog.
DEVSECOPS#11 Source Composition Analysis in Pipeline using OWASP Dependency Checker.
DEVSECOPS#12 SAST - Sonarqube integration in Jenkins Pipeline.
DEVSECOPS#13 DAST - ZAP Baseline Scan Integration in Jenkins Pipeline.
Taught by
Hack With Me
Related Courses
Reviews
5.0 rating, based on 2 Class Central reviews
-
Nice course. It would be great if you implement more practicals over theory. Hope it will upgrade in future courses. And thanks for providing great content and explanation
-
David FaustinoThis course is completeThis course is a complete introduction to the implementation of DESECOPS practices.
I learned a lot about the tools and their integrations and parameterizations.
