Microsoft Azure DevOps Engineer: Implement a Secure and Compliant Development Process

This course will teach you how to implement secure development practices and automated security testing into your Azure DevOps Pipelines. You'll learn to integrate code scanning, penetration testing, and secret management into Pipelines.
Course info
Level
Advanced
Updated
Nov 8, 2019
Duration
1h 58m
Table of contents
Description
Course info
Level
Advanced
Updated
Nov 8, 2019
Duration
1h 58m
Description

It's no longer acceptable to just perform security testing at the end of long development cycles. With modern DevOps practices, frequent production releases are normal, so an approach is needed to automate security testing in the CI/CD process. In this course, Microsoft Azure DevOps Engineer: Implement a Secure and Compliant Development Process, you'll learn how to implement secure development practices in your Azure DevOps Pipelines. First, you'll learn how to integrate automated code scanning in your pipelines to detect coding errors that could cause security vulnerabilities. Next, you'll discover how to implement tasks to detect vulnerabilities in open source libraries your code uses. Then, you'll explore how to automatically conduct a penetration test when your application is deployed to a test environment. Finally, you'll learn how to properly handle application secrets like database passwords or certificates in your deployment process. When you're finished with this course, you'll have the skills and knowledge needed to integrate secure development practices into your Azure DevOps Pipelines.

About the author
About the author

Neil is a solutions architect and developer, with a passion for web development, architecture, and security. He has worked in large and small IT organizations, written articles on development, and spoken at local .NET user groups. Neil has several Microsoft Certifications, including MCPD, MCSA, and MCSD.

More from the author
More courses by Neil Morrissey
Section Introduction Transcripts
Section Introduction Transcripts

Course Overview
[Autogenerated] Hi, everyone. My name is Neil Morrissey. And welcome to my course. Asher Dev, Ops Engineer, Implement a secure and compliant development process. I'm a solutions architect specializing in cloud technologies. It used to be that security testing was something done. After all, the development was complete before the application was deployed. If issues were found, it could slow down the whole project. So security was often overlooked for the sake of time to market. Bolting on security testing at the end of the project might have worked when development cycles lasted months or years. But now it is with Dev Ops. We're deploying production code more often, so our security testing practices need to evolve too. In this course, you're going to learn how to implement secure development practices in your azure dev UPS pipelines so you can run security tests during continuous integration builds and continuous deployment releases. Some of the major topics will cover include integrating code quality tests into your pipelines to detect coding errors that could cause security vulnerabilities, running a tool during builds that can detect vulnerabilities in open source libraries that your code uses automatically conducting ___________ testing when your application is deployed to a test environment and how to properly handle applications secrets like database passwords or certificates in your deployment process. By the end of this course, you'll know how to make security. Testing a part of your C I C D pipeline. Before beginning this course, you should be familiar with Azure Dev ops, repose and pipelines. So I hope you'll join me on this journey to learn secure development practices. With this course as your dev ops engineer, implement a secure and compliant development process here at plural site.