Secure DevOps - The Road to Continuous Security in development lifecycle
About This Video
- A practical course that will teach you to protect your organization with a collaboration of DevOps and security.
- Integrate security step-by-step at every layer of the DevOps pipeline with practical sessions.
- Real-life scenarios and case studies of DevOps unicorns such as Etsy, Netflix, Google, etc.
DevOps enables rapid application development while security teams follow a traditional way of performing security checks. If security (that is, configuration checks, code analysis, vulnerability scanning, and more) is not adequately automated then it leads to increased security violations and hacking/phishing attacks. Integrating security in the DevOps ethos helps fix flaws earlier in the development process. This course shows you how to apply DevOps security best practices at every stage in your DevOps pipeline. You will learn proven approaches to reducing vulnerability and strengthening your defenses against attack. You will understand using security as code with the intent of making security and compliance consumable as a service. This course explains how DevOps security practices differ from traditional security approaches and provides techniques to embed governance and cybersecurity functions throughout the DevOps workflow. By the end of the course, you will have learned best practices in DevSecOps, the core concepts of secure DevOps, and how security can be integrated into the development pipeline.
The code bundle for this video course is available at - https://github.com/PacktPublishing/Practical-DevOps-Security-Video
Table of Contents
- Chapter 1 : Integrate Security within DevOps
- Chapter 2 : Applying Shift Left Security Approach
- Chapter 3 : Securing Development Practices
Chapter 4 : Security Verification in the Pipeline
- What Is Static Application Security Testing? 00:04:18
- Embed SAST into the CI/CD Pipeline 00:07:18
- What Is Dynamic Application Security Testing? 00:02:23
- Embed DAST Into the Pipeline 00:03:03
- Runtime Application Self-Protection (RASP) versus Interactive Application Security Testing (IAST) 00:02:18
- Software Composition Analysis 00:02:01
- Chapter 5 : Deploy Secure Software
- Chapter 6 : Security in System Monitoring
- Title: Practical DevOps Security
- Release date: December 2018
- Publisher(s): Packt Publishing
- ISBN: 9781788394901