SKIP THE SHIPPING
Use code NOSHIP during checkout to save 40% on eligible eBooks, now through January 5. Shop now.
Video accessible from your Account page after purchase.
Register your product to gain access to bonus material or receive a coupon.
4+ Hours of Video Instruction
Security is the top concern of businesses today. Milecia McGregor shows developers how to mitigate security risks by implementing DevSecOps best practices.
Description
Every organization with a DevOps framework should be looking to shift toward a DevSecOps mindset, bringing individuals of all abilities and across all technology disciplines to a higher level of proficiency in security. From testing for potential security exploits to building business-driven security services, a DevSecOps framework that uses DevSecOps tools ensures security is built into applications rather than being bolted on haphazardly afterwards.
In Securing Your DevOps Pipelines: DevSecOps Best Practices, Milecia covers how DevSecOps improves upon regular DevOps pipelines. She covers the tools and methodologies you can use to bring DevSecOps to your organization. By the end of the course, you will know how to build a DevSecOps pipeline and how to integrate different tools to handle the OWASP Top Ten, as well as compliance checks to stay up to date with regulations like HIPAA, PCI, and GDPR.
About the Instructor
Milecia McGregor is a software generalist who has worked in numerous areas of tech. She has a master's degree in mechanical and aerospace engineering and has done machine learning work for humancomputer interfaces on autonomous vehicles. She has done work on the front-end and back-end, data science, robotics, DevOps, cybersecurity, blockchain, VR, and other areas. Milecia has worked on projects like the Mozilla VPN and apps that work with brain signals. She is also an international speaker in the tech community with talks covering a variety of topics across multiple programming languages.
Skill Level
What You Will Learn
Developers and engineers will learn to
Who Should Take This Course
DevOps professionals and site reliability engineers, software developers, technical project managers, security engineers
Course Requirements
Some experience with DevOps pipelines, some knowledge of the OWASP Top Ten and web application authentication, authorization, and other security principles
Table of Contents
Introduction
Lesson 1: Background on DevOps
Learning objectives
1.1 Understand where DevOps came from
1.2 Learn how DevOps works
1.3 DevOps versus Waterfall
Lesson 2: Security in DevOps or DevSecOps
Learning objectives
2.1 Show where security comes in
2.2 Learn how issues get to production
2.3 Learn the OWASP 10 top security risks
2.4 Understand how attackers gain unauthorized access to apps
2.5 Learn the basics of DevSecOps
2.6 Use DevSecOps to mitigate risks
Lesson 3: DevSecOps Tools
Learning objectives
3.1 Learn about SAST
3.2 Use SAST tools
3.3 Learn about DAST
3.4 Use DAST tools
3.5 Learn about IAST
3.6 Use IAST tools
3.7 Learn about OAST
3.8 Use OAST tools
Lesson 4: Setting up a DevSecOps Pipeline
Learning objectives
4.1 Set up the project
4.2 Set up CircleCI
4.3 Write the CircleCI config
4.4 Break down the pipeline steps
4.5 Add security to each step
Lesson 5: Final Security Checks
Learning objectives
5.1 Learn how pen-testing works
5.2 Use Kali Linux tools
5.3 Use bug bounties
5.4 Perform compliance audits
Summary
About Pearson Video Training
Pearson publishes expert-led video tutorials covering a wide selection of technology topics designed to teach you the skills you need to succeed. These professional and personal technology videos feature world-leading author instructors published by your trusted technology brands: Addison-Wesley, Cisco Press, Pearson IT Certification, Sams, and Que. Topics include: IT Certification, Network Security, Cisco Technology, Programming, Web Development, Mobile Development, and more. Learn more about Pearson Video training at informit.com/video.
Video Lessons are available for download for offline viewing within the streaming format. Look for the green arrow in each lesson.
Introduction
Lesson 1: Background on DevOps
Learning objectives
1.1 Understand where DevOps came from
1.2 Learn how DevOps works
1.3 DevOps versus Waterfall
Lesson 2: Security in DevOps or DevSecOps
Learning objectives
2.1 Show where security comes in
2.2 Learn how issues get to production
2.3 Learn the OWASP 10 top security risks
2.4 Understand how attackers gain unauthorized access to apps
2.5 Learn the basics of DevSecOps
2.6 Use DevSecOps to mitigate risks
Lesson 3: DevSecOps Tools
Learning objectives
3.1 Learn about SAST
3.2 Use SAST tools
3.3 Learn about DAST
3.4 Use DAST tools
3.5 Learn about IAST
3.6 Use IAST tools
3.7 Learn about OAST
3.8 Use OAST tools
Lesson 4: Setting up a DevSecOps Pipeline
Learning objectives
4.1 Set up the project
4.2 Set up CircleCI
4.3 Write the CircleCI config
4.4 Break down the pipeline steps
4.5 Add security to each step
Lesson 5: Final Security Checks
Learning objectives
5.1 Learn how pen-testing works
5.2 Use Kali Linux tools
5.3 Use bug bounties
5.4 Perform compliance audits
Summary