English | MP4 | AVC 1920×1980 | AAC 44KHz 2ch | 147 Lessons (27h 1m) | 7.15 GB
Stand out and 10x your value with these in-demand skills. Cybercrime is expected to cost companies 10.5 trillion annually. With the rate of attacks increasing, the demand for DevSecOps skills is at an all-time high. Be recognized as a top tech professional and land high-paying jobs.
Integrate Security in every step of DevOps
You will learn
- DevSecOps concepts, like SAST, SCA, DAST and Security as Code
- Various Security Scanning Tools, like GitLeaks, Semgrep, njsScan, RetireJS, Zap, Trivy, TFSec
- Secrets Management with Vault, KMS
- Various DevSecOps tools: DefectDojo, Vault, AWS Secrets Manager, InSpec
- Concepts and Tools for Observability, GitOps, Cloud Security, Image Security
- Compliance as Code, Policy as Code
- Roles and Responsibilities in DevSecOps in practice
You will be able to
- Implement complete DevSecOps processes at your work
- Build secure CI/CD pipelines
- Drive adoption of DevSecOps at your company
- Automate security checks to prevent workflow bottlenecks
- Detect, visualize, analyze and remediate security vulnerabilities
- Secure AWS Cloud and write secure IaC
- Secure Kubernetes cluster with automation and security best practices
Table of Contents
Part 1
Getting Started with the DevSecOps Bootcamp
1 Why learn DevSecOps
2 Pre-Requisites of Bootcamp
3 DevSecOps Bootcamp Curriculum Overview
4 Support and Other Bootcamp Materials
5 Certified DevSecOps Practitioner – Applying for Digital Badge
Security Essentials
6 Introduction to Security (1 – Security Essentials)
7 Importance of Security & Impact of Security Breaches
8 How to Secure Systems Against Attacks
9 Types of Security Attacks – Part 1
10 Types of Security Attacks – Part 2
11 OWASP top 10 – Part 1
12 OWASP top 10 – Part 2
13 Security in Layers
Introduction to DevSecOps
14 Issues with Traditional Approach to Security (2 – Introduction to DevSecOps)
15 Understand DevSecOps
16 Roles & Responsibilities in DevSecOps
Application Vulnerability Scanning
17 Build a Continuous Integration Pipeline (3 – Application Vulnerability Scanning)
18 Impact of Missing Security Insights
19 Secret Scanning with GitLeaks – Local Environment
20 Pre-commit Hook for Secret Scanning & Integrating GitLeaks in CI Pipeline
21 False Positives & Fixing Security Vulnerabilities
22 Integrate SAST Scans in Release Pipeline
Vulnerability Management and Remediation
23 Generate Security Scanning Reports (4 – Vulnerability Management and Remediation)
24 Introduction to DefectDojo, Managing Security Findings, CWEs
25 Automate Uploading Security Scan Results to DefectDojo
26 Fix Security Issues Discovered in the DevSecOps Pipeline
Vulnerability Scanning for Application Dependencies
27 Software Composition Analysis – Security Issues in Application Dependencies (5 – Vulnerability Scanning for Application Dependencies)
28 Import SCA Scan Reports in DefectDojo, Fixing SCA Findings, CVEs
29 Overview of Static Security Scans in CI Pipeline
Build a CD Pipeline
30 Overview of a CICD Pipeline (6 – Build a CD Pipeline)
31 Introduction to Security Layers for AWS Access
32 Integrate CICD Pipeline with AWS ECR
33 Configure Application Deployment Environment on EC2 Server
34 Deploy Application to EC2 Server with Release Pipeline
35 Configure Self-Managed GitLab Runner for Pipeline Jobs
36 Build Application Images on Self-Managed Runner, Leverage Docker Caching
Image Scanning – Build Secure Docker Images
37 Overview of Image Security (7 – Image Scanning – Build Secure Docker Images)
38 Configure Automated Security Scanning in Application Image
39 Analyze & Fix Security Issues from Findings in Application Image
40 Automate Uploading Image Scanning Results in DefectDojo
41 Docker Security Best Practices
42 Configure Automated Image Security Scanning in ECR Image Repository
43 Overview of Automated Application Code and Image Scanning Steps
AWS Cloud Security & Access Management
44 AWS Security Essentials (8 – AWS Cloud Security & Access Management)
45 Understand AWS Access Management using IAM Service
46 Securing AWS Root User Account
47 IAM Users, Groups & Policies
48 Secure Access from CICD Pipeline to AWS
49 Understand Importance of IAM Roles in AWS Cloud Security
50 Overview of IAM Resources & Secure Access Management in AWS
Secure Continuous Deployment & DAST
51 Security Essentials for Accessing Deployment Server (9 – Secure Continuous Deployment & DAST)
52 Configure AWS Systems Manager for EC2 Server
53 AWS SSM Commands in Release Pipeline for Server Access
54 Secure Continuous Deployment to Server using SSM
55 Secure Access to AWS with IAM Roles & Short-Lived Credentials
56 Overview of AWS Security Measures and Continuous Security Improvements
57 Understand Dynamic Application Security Testing (DAST)
58 Configure Automated DAST Scans in CICD Pipeline
59 Overview of Complete DevSecOps Pipeline with Static and Dynamic Security Scans
IaC and GitOps for DevSecOps
60 Understand Impact of IaC in Security & DevSecOps (10 – IaC and GitOps for DevSecOps)
61 Terraform Script for AWS Infrastructure Provisioning
62 Replace Manually Created Infrastructure with Automatically Provisioned Resources
63 Build CICD Pipeline for Infrastructure Code using GitOps Principles
64 Configure Remote State for Terraform
65 Add Automated Security Scan to TF Infrastructure Code
66 Understand IaC Concept Cattle vs Pets
Logging & Monitoring for Security
67 Understand Need for Logging and Monitoring in Security (11 – Logging & Monitoring for Security)
68 Introduction to CloudTrail and CloudWatch
69 CloudTrail Event History
70 Configure Multi-Region Trail in CloudTrail & Forward Logs to CloudWatch
71 Create CloudWatch Alarm for EC2 Instance
72 Create Custom Metric Filter for Failed Login Metrics
73 Configure Alarm for Failed Login Attempts
74 Configure AWS Budgets for Monthly Usage Costs
75 Complete Bootcamp Part 1 – Next Steps
Part 2
76 Kubernetes Security Overview
77 Kubernetes Security Best Practices
78 Provision AWS EKS Cluster
79 Chapter Introduction
80 Role Based Access Control RBAC
81 IAM Roles and K8s Roles How it works
82 Configure IAM Roles and link to K8s Roles in IaC
83 Configure K8s Role and ClusterRole in IaC
84 Review and Test Access
85 Summary Wrap Up
86 Using GitLab OIDC in AWS
87 Configure Authentication with GitLab Identity Provider
88 Pipeline Configuration for establishing a secure connection
89 Terraform Configuration for EKS provisioning
90 Summary Wrap Up
91 Introduction to EKS Blueprints
92 Overview of EKS Add ons we install
93 Configure EKS Add ons
94 Troubleshooting Tuning Autoscaler
95 Access Token Expiration
96 Chapter Overview
97 ArgoCD explained Part 1 What Why and How
98 ArgoCD explained Part 2 Benefits and Configuration
99 Overview of CI or CD Pipelines to Git repositories
100 Configure ArgoCD in IaC Deploy Argo Part 1
101 IaC Pipeline Configuration Deploy Argo Part 2
102 Deployment through Pipeline and Access Argo UI Deploy Argo Part 3
103 K8s Manifests for Microservices App using Kustomize
104 Create GitOps Pipeline to update Kustomization File
105 Create CI Pipeline that triggers GitOps Pipeline
106 See Whole Automated Workflow in Action
107 Why Policy as Code
108 Introduction to Open Policy Agent OPA and OPA Gatekeeper
109 How Gatekeeper and OPA works
110 Install OPA Gatekeeper in Cluster
111 Defining Policies
112 Define Policy to reject NodePort Service
113 Define Policy to reject Privileged Containers
114 Summary
115 Why Secrets Manager are needed
116 Introduction to External Secrets Operator in K8s
117 Capabilities of Secrets Management Tools
118 Vault Capabilities Vault Deep Dive Part 1
119 How Vault works Vault Deep Dive Part 2
120 Introduction to AWS Secrets Manager
121 Deploy External Secrets Controller Demo Part 1
122 Create SecretStore and ExternalSecret
123 Use Secret in Microservice Demo Part 3
124 Chapter and Demo Overview
125 Service Mesh and Istio What Why and How
126 Install Istio in K8s cluster
127 Configure Traffic Routing
128 Configure a Secure Gateway
129 mTLS Deep Dive
130 Authorization in Istio Deep Dive
131 Istio Policies vs K8s Network Policies
132 Configure Authorization Policies
133 Wrap Up
134 What is Compliance
135 What are CIS Benchmarks
136 Why Compliance as Code
137 Demo Overview and Introduction to AWS Config
138 Setting up AWS Config Rules
139 Configure Auto Remediation for Insecure Security Groups for EC2 Instances
140 Configure Auto Remediation for CloudTrail Logging if switched off
141 Configure Compliance Rules for AWS EKS Service
142 Wrap Up
143 Why DevSecOps is Important
144 Driving Cultural Change Real World Examples of Companies
145 How to start implementing DevSecOps in Organizations Practical Tips
146 Final Summary. The DevSecOps Transformation
147 Apply for the Certified DevSecOps Practitioner credential Digital Badge
PDF
01 Security Essentials
02 Intro to DevSecOps
03 App Vulnerability Scanning
04 Vulnerability Management
05 Vulnerability Scanning for App Dependencies
06 Set up CD Pipeline
07 Image Scanning
08 AWS Cloud Security and Access Management
09 Secure Continuous Deployment & DAST
10 IaC and GitOps for DevSecOps
11 Logging & Monitoring for Security
12 Introduction to Kubernetes Security
13 Kubernetes Access Management
14 Secure IaC Pipeline for EKS Provisioning
15 EKS Blueprints
16 App Release Pipeline with ArgoCD
17 Policy as Code
18 Secrets Management
19 Service Mesh with Istio
20 Compliance as Code