Instructors: Rahul Miglani
4 sections • 14 lectures • 34m total length
Video: MP4 1280x720 44 KHz | English + Sub
Updated 10/2022 | Size: 278 MB
The complete course covering what you need to know to get started in DevSecOps Including StackHawk tool Demo
What you'll learn
DevSecOps tooling e.g. SAST, DAST, SCA explained
Key security principles explained such as defence in depth and least privilege
Linux security fundamentals explained
How to add security testing to pipelines - turn a DevOps pipeline into a DevSecOps pipeline
What you need to focus on to enable security testing in CI/CD pipelines
StackHawk Tool Explained
Requirements
An IT background for the majority of students would be a prerequisite. This is because DevSecOps is an advanced IT topic, and it would be difficult to jump into such topics without existing IT knowledge. However, please note no security knowledge is required. Security fundamentals will be covered in this course.
Description
This course will cover everything you need know to get started and be successful in DevSecOps. The course is made up of hands-on demos / walkthroughs, quizzes and presentations. The course also includes downloadable source code and links to all of the tools and sites mentioned so you can use on your local environment and follow along at your own pace. Key topics covered are
What DevSecOps is and how to get started.
Explanations, hands-on demos and walkthroughs of important tools such as SAST, DAST and SCA.
Turn a DevOps pipeline into a DevSecOps pipeline (GitLab YAML pipelines examples with YAML provided).
Explanation of penetration testing and vulnerability assessments and how they align with DevSecOps.
Key security principles explained such as CIA triad, defence in depth and least privilege.
Linux security fundamentals covering topics such as sudo, SSH, file permissions, updates and more.
StackHawk Tool Demo
Dynamic Application Security Testing (DAST) is the process of analyzing a web application through the front-end to find vulnerabilities through simulated attacks. This type of approach evaluates the application from the "outside in" by attacking an application like a malicious user would. After a DAST scanner performs these attacks, it looks for results that are not part of the expected result set and identifies security vulnerabilities.
Who this course is for
Aspiring DevSecOps and cyber security professionals.
Developers looking to secure their SDLC or learn more about security and DevSecOps.
IT professionals looking to learn more about security and DevSecOps.
Homepage
Screenshots
https://rapidgator.net/file/f5347cfdf77572078d683878b3ed3b83/DevSecOps_Dynamic_App_Sec_Testing_(DAST)_with_Handson_Demo.rar.html
https://uploadgig.com/file/download/70AbeFd8782c2235/DevSecOps%20Dynamic%20App%20Sec%20Testing%20DAST%20with%20Handson%20Demo.rar