DevSecOps: Building a Secure Continuous Delivery Pipeline .MP4, AVC, 256 kbps, 1280x720 | English, AAC, 128 kbps, 2 Ch | 1h 12m | 147 MB Instructor: James Wickett
Over the past several years, information security has struggled to keep up with the fast-paced DevOps movement. DevSecOps-an extension of DevOps-aims to remedy this by embracing security as an essential part of DevOps culture. This course examines this fresh take on DevOps, providing an overview of the practices and tools that can help you implement security across the entirety of the continuous integration and continuous delivery (CI/CD) pipeline. As instructor James Wickett looks at CI/CD through the lens of security, he breaks up the pipeline into five distinct stages: develop, inherit, build, deploy, and operate. As he moves through each of these stages, he provides an overview of best practices and tools that can fit nicely into your DevSecOps toolchain approach.
Goals for a DevSecOps toolchain approach Development, inherit, build, deploy, and operation tools Keeping secrets with git-secrets Using OWASP Dependency Check Testing for dependency issues using Retire.js Options for software composition analysis Key security concerns for the deploy phase Tricks for making compliance happy Cloud configuration monitoring