Training > DevOps & Site Reliability > Implementing DevSecOps (LFS262)

Training Course

DevSecOps practices are an extension to standard DevOps practices, focusing on automating security and incorporating it as part of the process, which includes Continuous Delivery, Infrastructure-as-Code (IaC), and observability. Use of DevSecOps results not only in delivering safer code faster, but also facilitates early feedback to developers, helping them build more reliable software. This course explores implementing DevSecOps practices into the software delivery pipeline using open source software.

Who Is It For

This course is designed for software developers, site reliability engineers, and DevOps practitioners looking to speed up delivery of more secure code. To make the most of this course, learners must have working knowledge of Linux operating systems and the command line interface, Git, Docker, and Kubernetes. They must also know how to build CI/CD pipelines, write Infrastructure-as-Code (IaC), run Ansible Playbooks, and understand observability concepts such as log management and monitoring.

read less read more

What You’ll Learn

This course begins by laying the foundation of DevSecOps, explaining the principles, practices, cultural aspects and tooling landscape. It then goes on to show you how to incorporate various practices into the Continuous Delivery pipeline: perform Software Composition Analysis (SCA) and add it to the Continuous Integration pipeline, perform static code analysis and project gating using SAST tools, implement security best practices while writing Dockerfiles to build images, scan container images for vulnerability, perform Dynamic Application Software Testing (DAST) on a live environment, set up a centralized vulnerability management system to provide visibility and alerting, and build a cloud native DevSecOps pipeline. You will also use IaC effectively to enforce compliance, collect logs, analyze events to provide detection and monitoring of security issues, and learn to address cloud and container related risks. In order to make adoption of DevSecOps practices frictionless, this course focuses on usage of mostly open source software, at the same time providing enough flexibility to plug in a commercial alternative to match the implementation environment.

read less read more

What It Prepares You For

This course prepares you with real life professional skills to implement DevSecOps practices into the software development and delivery processes.

read less read more

Course Outline

Chapter 1. Course Introduction

Chapter 2. What Is DevSecOps?

Chapter 3. Setting Up the Lab Environment

Chapter 4. Building a DevOps Pipeline

Chapter 5. Securing the Supply Chain with SCA

Chapter 6. Static Application Security Testing (SAST)

Chapter 7. Auditing Container Images

Chapter 8. Secure Deployment and Dynamic Application Security Testing (DAST)

Chapter 9. System Security Auditing with IAC

Chapter 10. Securing Kubernetes Deployments

Chapter 11. Secrets Management with Vault

Chapter 12. Runtime Security Monitoring and Remediation

Prerequisites

To make the most out of this course, you will need to:

Have working knowledge of Linux operating systems and the command line interface, Git, Docker, and Kubernetes.
Know how to build CI/CD pipelines, write Infrastructure-as-Code (IaC), run Ansible Playbooks, and understand observability concepts such as log management and monitoring.

Lab Info

To perform the hands-on lab exercises in this course, learners will need internet access, a web browser, Git, and a cloud provider account (e.g., Google Cloud Platform or AWS).

If using a cloud provider like GCP or AWS, you should be able to complete the lab exercises using the free tier or credits provided to you. However, you may incur charges if you exceed the credits initially allocated by the cloud provider, or if the cloud provider’s terms and conditions change.

Reviews

Aug 2024

I liked the different tools that were introduced. It was a great way to dive into the Security part of DevSecOps.

May 2024

The labs and the amount of concept, all taken in depth!

Mar 2024

The instructor is fantastic!

Feb 2024

It was very practical.

Jul 2023

Good content. It gave me good exposure to different tools I was not aware of in the industry.

Jul 2023

This course makes me well-informed to start securing my environment.

Jan 2023

The exercises were really great, I learned a lot, and the instructor was inspiring, and very good.

Jan 2023

The content and instructions were clear.

$299

Course only

Enroll Today Get a Quote

100% Money Back Guarantee

Includes

Online, Self Paced

35-40 Hours of Course Material

Hands-on Labs & Assignments

12 Months of Access to Online Course

Digital Badge

Discussion forums

Course Rating

4.0/5 Stars

Get a Quote

Get help to convince your boss.

Experience Level: Intermediate

Gift this course

Training more than 10 people?Get a corporate quote.

Stay Up to Date

Get early access to the latest Linux Foundation Training news, tutorials and exclusive offers – available only for monthly newsletter subscribers.

Get exclusive discounts, news, and more with our free newsletter

Name*
First Last
Email*
{"image":"/wp-content/themes/lf/images/newsletter.png"}
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

We won’t ever send you spam, promise.

© 2024 Linux Foundation - Education. The Linux Foundation®. All rights reserved. The Linux Foundation has registered trademarks and uses trademarks. For a list of trademarks of The Linux Foundation, please see our Trademark Usage page. Linux is a registered trademark of Linus Torvalds.
Terms of Use | Privacy Policy | Bylaws | Trademark Usage | Antitrust Policy | Good Standing PolicyAccelerated by