DevSecOps Bootcamp

English | MP4 | AVC 1920×1980 | AAC 44KHz 2ch | 75 Lessons (14h 19m) | 3.15 GB

Stand out and 10x your value with these in-demand skills. Cybercrime is expected to cost companies 10.5 Trillion annually. With the rate of attacks increasing, the demand for DevSecOps skills is at an all-time high. Be recognized as a top tech professional and land high-paying jobs.

Integrate Security in every step of DevOps

You will be able to

  • Implement complete DevSecOps processes at your work
  • Build secure CI/CD pipelines
  • Drive adoption of DevSecOps at your company
  • Automate security checks to prevent workflow bottlenecks
  • Detect, visualize, analyze and remediate security vulnerabilities
  • Secure AWS Cloud and write secure IaC
  • Secure Kubernetes cluster with automation and security best practices

You will learn

  • DevSecOps concepts, like SAST, SCA, DAST and Security as Code
  • Various Security Scanning Tools, like GitLeaks, Semgrep, njsScan, RetireJS, Zap, Trivy, TFSec
  • Secrets Management with Vault, KMS
  • Various DevSecOps tools: DefectDojo, Vault, AWS Secrets Manager, InSpec
  • Concepts and Tools for Observability, GitOps, Cloud Security, Image Security
  • Compliance as Code, Policy as Code
  • Roles and Responsibilities in DevSecOps in practice

Most Comprehensive DevSecOps Course

1 – Security Essentials

  • Importance of Security
  • Security Breaches Examples
  • Types of Security Attacks
  • OWASP Top Ten

2 – Introduction to DevSecOps

  • Issues with traditional approach to Security
  • Understand DevSecOps
  • Tools for Automated Security Tests
  • Concept vs Role
  • Roles & Responsibilities in DevSecOps

3 – Build Secure CI

  • Vulnerability Scanning:
  • Pre-Commit Hooks
  • SAST and SCA
  • Visualizing, False Positive Analysis
  • Remediation
  • Integrate Security Scans in a Continuous Integration Pipeline

Tools: GitLeaks, njsScan, Semgrep, Retire.js, DefectDojo, GitLab CI

4 – Build Secure Images

  • Docker Security Best Practices
  • Image Scanning in Release Pipeline
  • Image Scanning in Docker Registry

Tools: Trivy, Docker, AWS ECR, GitLab CI

5 – Cloud Security (AWS)

  • AWS Access Management (Users, Groups, Roles, Policies)
  • AWS Security IaC
  • AWS Logging and Monitoring

6 – Secure Deployment

  • Secure Application Deployment from Release Pipeline
  • AWS Systems Manager Agent (SSM)
  • AWS Roles for deployment
  • Deploying without static AWS Credentials

7 – Dynamic Application Security Testing (DAST)

  • Dynamic Application Security testing
  • Integrate DAST tool in Release Pipeline
  • Fixing Dynamic Scan Findings
  • Baseline vs Full Scans

Tools: Zap, DefectDojo

8 – Secure Infrastructure as Code

  • Define Secure Infrastructure with IaC
  • IaC in DevSecOps
  • Create Release Pipeline for IaC Project using GitOps Practices
  • Run Security Checks for IaC code in Release Pipeline

Tools: Terraform, AWS, TFSec

9 – AWS Logging and Monitoring

  • Auditing with AWS CloudTrail
  • Monitoring and Alerting with AWS CloudWatch
  • Billing Alerts for cloud cost spends

Will be part of 2nd release in Q1/2024

10 – Securing Kubernetes & Secure Deployment to EKS

  • Istio Service Mesh
  • Secret Management
  • Kubernetes Secrets
  • HashiCorp Vault
  • AWS KMS and Secrets Manager
  • Key Kubernetes Security Practices
  • RBAC
  • IAM Roles for AWS EKS, ECR
  • Scanning for Misconfigurations & Security Vulnerabilities
  • Security Policies
  • Open Policy Agent (OPA)
  • Policy as Code

11 – Observability

  • Incident Management
  • Integrating Logging and Auditing into Software Development Lifecycle and Operations

12 – Governance & Compliance as Code

  • CIS Benchmarks
  • Governance & Compliance
  • Compliance as Code

13 – DevSecOps in Organizations

  • Strategies for promoting a DevSecOps culture
  • Steps for adopting DevSecOps Principles in Organization

Table of Contents

Part 1

Getting Started with the DevSecOps Bootcamp
1 Why learn DevSecOps
2 Pre-Requisites of Bootcamp
3 DevSecOps Bootcamp Curriculum Overview
4 Support and Other Bootcamp Materials
5 Certified DevSecOps Practitioner – Applying for Digital Badge

Security Essentials
6 Introduction to Security (1 – Security Essentials)
7 Importance of Security & Impact of Security Breaches
8 How to Secure Systems Against Attacks
9 Types of Security Attacks – Part 1
10 Types of Security Attacks – Part 2
11 OWASP top 10 – Part 1
12 OWASP top 10 – Part 2
13 Security in Layers

Introduction to DevSecOps
14 Issues with Traditional Approach to Security (2 – Introduction to DevSecOps)
15 Understand DevSecOps
16 Roles & Responsibilities in DevSecOps

Application Vulnerability Scanning
17 Build a Continuous Integration Pipeline (3 – Application Vulnerability Scanning)
18 Impact of Missing Security Insights
19 Secret Scanning with GitLeaks – Local Environment
20 Pre-commit Hook for Secret Scanning & Integrating GitLeaks in CI Pipeline
21 False Positives & Fixing Security Vulnerabilities
22 Integrate SAST Scans in Release Pipeline

Vulnerability Management and Remediation
23 Generate Security Scanning Reports (4 – Vulnerability Management and Remediation)
24 Introduction to DefectDojo, Managing Security Findings, CWEs
25 Automate Uploading Security Scan Results to DefectDojo
26 Fix Security Issues Discovered in the DevSecOps Pipeline

Vulnerability Scanning for Application Dependencies
27 Software Composition Analysis – Security Issues in Application Dependencies (5 – Vulnerability Scanning for Application Dependencies)
28 Import SCA Scan Reports in DefectDojo, Fixing SCA Findings, CVEs
29 Overview of Static Security Scans in CI Pipeline

Build a CD Pipeline
30 Overview of a CICD Pipeline (6 – Build a CD Pipeline)
31 Introduction to Security Layers for AWS Access
32 Integrate CICD Pipeline with AWS ECR
33 Configure Application Deployment Environment on EC2 Server
34 Deploy Application to EC2 Server with Release Pipeline
35 Configure Self-Managed GitLab Runner for Pipeline Jobs
36 Build Application Images on Self-Managed Runner, Leverage Docker Caching

Image Scanning – Build Secure Docker Images
37 Overview of Image Security (7 – Image Scanning – Build Secure Docker Images)
38 Configure Automated Security Scanning in Application Image
39 Analyze & Fix Security Issues from Findings in Application Image
40 Automate Uploading Image Scanning Results in DefectDojo
41 Docker Security Best Practices
42 Configure Automated Image Security Scanning in ECR Image Repository
43 Overview of Automated Application Code and Image Scanning Steps

AWS Cloud Security & Access Management
44 AWS Security Essentials (8 – AWS Cloud Security & Access Management)
45 Understand AWS Access Management using IAM Service
46 Securing AWS Root User Account
47 IAM Users, Groups & Policies
48 Secure Access from CICD Pipeline to AWS
49 Understand Importance of IAM Roles in AWS Cloud Security
50 Overview of IAM Resources & Secure Access Management in AWS

Secure Continuous Deployment & DAST
51 Security Essentials for Accessing Deployment Server (9 – Secure Continuous Deployment & DAST)
52 Configure AWS Systems Manager for EC2 Server
53 AWS SSM Commands in Release Pipeline for Server Access
54 Secure Continuous Deployment to Server using SSM
55 Secure Access to AWS with IAM Roles & Short-Lived Credentials
56 Overview of AWS Security Measures and Continuous Security Improvements
57 Understand Dynamic Application Security Testing (DAST)
58 Configure Automated DAST Scans in CICD Pipeline
59 Overview of Complete DevSecOps Pipeline with Static and Dynamic Security Scans

IaC and GitOps for DevSecOps
60 Understand Impact of IaC in Security & DevSecOps (10 – IaC and GitOps for DevSecOps)
61 Terraform Script for AWS Infrastructure Provisioning
62 Replace Manually Created Infrastructure with Automatically Provisioned Resources
63 Build CICD Pipeline for Infrastructure Code using GitOps Principles
64 Configure Remote State for Terraform
65 Add Automated Security Scan to TF Infrastructure Code
66 Understand IaC Concept Cattle vs Pets

Logging & Monitoring for Security
67 Understand Need for Logging and Monitoring in Security (11 – Logging & Monitoring for Security)
68 Introduction to CloudTrail and CloudWatch
69 CloudTrail Event History
70 Configure Multi-Region Trail in CloudTrail & Forward Logs to CloudWatch
71 Create CloudWatch Alarm for EC2 Instance
72 Create Custom Metric Filter for Failed Login Metrics
73 Configure Alarm for Failed Login Attempts
74 Configure AWS Budgets for Monthly Usage Costs
75 Complete Bootcamp Part 1 – Next Steps
