What you'll learn
- Understand the core principles of DevSecOps and how they integrate into modern software delivery pipelines.
- Set up a complete learning environment using Google Cloud Platform, Kubernetes (GKE), and essential DevOps tools.
- Build a secure CI/CD pipeline using Jenkins, Helm, Docker, and Kubernetes.
- Implement Software Composition Analysis (SCA) using OWASP Dependency-Check, Pyraider, and Dependency-Track to identify and manage third-party risks.
- Apply Static Application Security Testing (SAST) using tools like slscan and integrate them into your CI/CD pipeline.
- Conduct Dynamic Application Security Testing (DAST) using OWASP ZAP during deployment stages to catch runtime vulnerabilities.
- Harden container images using Dockle, Trivy, and multi-stage Dockerfiles to reduce the attack surface.
- Manage sensitive credentials and enforce secure secrets injection using HashiCorp Vault with Kubernetes.
- Enforce system-level compliance and infrastructure hardening using InSpec and Ansible as Compliance-as-Code tools.
- Secure Kubernetes workloads by implementing security contexts, Pod security policies, resource limits, and runtime scanning tools like Falco.
