Fundamentals of DevSecOps

Paths

Fundamentals of DevSecOps

Authors: Richard Harpur, Peter Mosmans

DevOps is taking the world by storm, but the often overlooked part is that keeping applications secure is increasingly important. So how do you keep your entire development chain... Read more

What you will learn

  • Explaining the core components and methodologies of DevSecOps
  • Classifying DevSecOps processes required in a development and operation life cycle
  • Performing automated vulnerability scans
  • Integrating automated security testing tools
  • Analyzing a situation to optimize logging, monitoring and alerting
  • Applying Security Governance with DevSecOps

Pre-requisites

You should be well versed in DevOps principles and tooling as well as Security fundamentals and principles.

Fundamentals of DevSecOps

DevOps is taking the world by storm, but the often overlooked part is that keeping applications secure is increasingly important. So how do you keep your entire development chain secure and within compliance? This path answers that question by showing you the fundamentals of DevSecOps and keeping your CI/CD pipelines safe while incorporating security best practices into your DevOps lifecycle.

DevSecOps: The Big Picture

by Richard Harpur

May 29, 2020 / 1h 21m

1h 21m

Start Course
Description

Want to implement DevSecOps but don't know where to start? Not sure if it will suit your organization or what benefits it will bring?

In this course, DevSecOps: The Big Picture, you will learn foundational knowledge to master DevSecOps concepts.

First, you will be introduced to the DevSecOps Manifesto. Next, you will learn the benefits of DevSecOps and what environments are best suited to this approach. Then, you will dive into how your development process needs to be enhanced to incorporate DevSecOps. Finally, you will hear about common myths that will be extremely useful when you are selling the concept to your team or manager.

When you are finished with this course, you will be proficient in discussing DevSecOps concepts and have a clear picture of how to implement DevSecOps into the software development process.

Table of contents
  1. Course Overview
  2. Understanding DevSecOps Concepts
  3. Identifying the Benefits of DevSecOps
  4. Adopting DevSecOps in Your Software Development Lifecycle
  5. Designing DevSecOps for Plan, Code, and Build SDLC Phases
  6. Designing DevSecOps for Test, Release, and Operate SDLC Phases
  7. Debunking DevSecOps Myths

Approaching Automated Security Testing in DevSecOps

by Peter Mosmans

Dec 2, 2019 / 47m

47m

Start Course
Description

Automated security testing can increase the overall security of your products, in a scalable and repeatable way. In this course, Approaching Automated Security Testing in DevSecOps, you will learn foundational knowledge of automated security testing. First, you will learn what automated security testing is. Next, you will discover the pros and cons of automated security testing. Finally, you will explore what to test, and where to test it in the software development life cycle. When you are finished with this course, you will have the skills and basic knowledge of automated security testing.

Table of contents
  1. Course Overview
  2. Understanding Automated Security Testing
  3. Differentiating the Pros and Cons of Automated Security Testing
  4. Understanding What and Where to Test during Automated Security Testing

Performing DevSecOps Automated Security Testing

by Peter Mosmans

Jul 28, 2020 / 2h 39m

2h 39m

Start Course
Description

Security testing is a vital part of any organization. In this course, Performing DevSecOps Automated Security Testing, you will gain the ability to perform automated security tests. First, you will learn how to implement automated security scanning of code. Then, you will perform security testing of containers. Finally, you will explore how to perform automated security tests of applications and infrastructure. When you are finished with this course, you will have the skills and knowledge of performing automated security tests needed to implement in a continuous integration environment.

Table of contents
  1. Course Overview
  2. Initializing the Setup for Automated Security Testing
  3. Automating Code Security Testing
  4. Automating Third Party Libraries Security Testing
  5. Automating Container Security Testing
  6. Automating Infrastructure Security Testing

Integrating Incident Response into DevSecOps

by Richard Harpur

Dec 15, 2020 / 1h 47m

1h 47m

Start Course
Description

Automating Incident Response is key to getting quicker Incident Response. In this course, Integrating Incident Response into DevSecOps, you’ll learn to how to expand your DevSecOps practices to include Incident Response (IR). First, you’ll explore why you need to consider Incident Response in order to complete your DevSecOps workflow. You will understand why the traditional IR methods are no longer sustainable or manageable in to day’s environment. Next, you’ll discover how to design an Incident Response process that is built with DevSecOps principles in mind, using automation and codifying the workflow, minimizing manual tasks. Then, you’ll identify how to optimize and improve your Incident Response workflow using metrics and measurements to help you tune and grow your capability over time. Finally, you’ll learn where you can access resources and tools to make your journey successful. When you’re finished with this course, you’ll have the skills and knowledge of Incident Response needed to integrate this crucial activity into your DevSecOps pipeline.

Table of contents
  1. Course Overview
  2. Establishing Your Incident Response Context
  3. Planning Your Incident Response Workflow
  4. Defining Key Security Events to Log and Monitor
  5. Understanding the Need for Action in Incident Response
  6. Improving Your Incident Response Capability
  7. Discover Tools and Resources to Help You on Your Journey

Enabling Security Governance and Compliance in DevSecOps

by Richard Harpur

Apr 9, 2021 / 1h 37m

1h 37m

Start Course
Description

In an ever-changing world security is key. Cloud environments present interesting challenges when it comes to building a strong security infrastructure. In this course, Enabling Security Governance and Compliance in DevSecOps, you’ll learn to how to achieve strong security governance and compliance using DevSecOps. First, you’ll explore why strong governance is essential for all modern environments, in particular cloud environments. Next, you’ll discover the distinction between governance and compliance, and why you need both to be successful. Then, you’ll learn how to utilize you existing DevSecOps pipelines to enable strong governance and compliance practices. Finally, you’ll learn how you can achieve automated security compliance using “Security as Code” in your pipelines. When you’re finished with this course, you’ll have the skills and knowledge of Security Governance and Compliance needed to demonstrate how your DevSecOps pipeline can support this critical requirement.

Table of contents
  1. Course Overview
  2. Understanding the Need for Security Governance
  3. Understanding the Need for Security Compliance
  4. Enabling Governance and Compliance with DevSecOps
  5. Understanding Compliance as Code
  6. Applying Compliance as Code in DevSecOps
Offer Code *
Email * First name * Last name *
Company
Title
Phone
Country *

* Required field

Opt in for the latest promotions and events. You may unsubscribe at any time. Privacy Policy

By providing my phone number to Pluralsight and toggling this feature on, I agree and acknowledge that Pluralsight may use that number to contact me for marketing purposes, including using autodialed or pre-recorded calls and text messages. I understand that consent is not required as a condition of purchase from Pluralsight.

By activating this benefit, you agree to abide by Pluralsight's terms of use and privacy policy.

I agree, activate benefit
Learning Paths

Fundamentals of DevSecOps

  • Number of Courses5 courses
  • Duration8 hours
  • Skill IQ available Skill IQ

DevOps is taking the world by storm, but the often overlooked part is that keeping applications secure is increasingly important. So how do you keep your entire development chain secure and within compliance? This path answers that question by showing you the fundamentals of DevSecOps and keeping your CI/CD pipelines safe while incorporating security best practices into your DevOps lifecycle.

Courses in this path

Fundamentals of DevSecOps

DevOps is taking the world by storm, but the often overlooked part is that keeping applications secure is increasingly important. So how do you keep your entire development chain secure and within compliance? This path answers that question by showing you the fundamentals of DevSecOps and keeping your CI/CD pipelines safe while incorporating security best practices into your DevOps lifecycle.

Join our learners and upskill
in leading technologies