Course Overview

High-profile data breaches and service outages show that security cannot be a one-off job, treated as negligible, or executed only at the final stages of application development. Otherwise, it affects not only company reputation but also customer loyalty to the delivered products and services.

If security is implemented only at the final stages, prevention and recovery also take much more time and money, because the correct point has to be spotted and the correct solution figured out. This can be avoided by changing application development pipelines and introducing the correct tools and techniques at the right places. With the “Shifting Security Left” strategy, we can detect most security issues before delivering applications/services to customers.

So, this course will give you the theory and practical knowledge to automate and embed your security requirements into Continuous Integration (CI)/Continuous Delivery (CD) Pipelines using open source/vendor tools and the latest techniques. You will secure your Software Development Life Cycle (SDLC) and start your Secure SDLC journey, then position Security in your organization not only as a one-off task but as a continuous process. And you will step into the DevSecOps world.

What You Will Learn

  • Identify the benefits of security automation in CI/CD pipelines
  • Spot points where you can codify and embed security in CI/CD pipelines
  • Learn tools and techniques to automate security for code inspection and code quality
  • Integrate secret managers in the SDLC
  • Implement container security: static (image security) and run time (container security)
  • Learn and implement vulnerability scanning and vulnerability management
  • Integrate automated security testing tools such as OWASP ZAP and Arachni-Scanner with Jenkins
  • Apply different automated security testing with different tools like Robot Framework, Selenium and ZAP CLI

Program Curriculum

  • An Overview of Planning Phase
  • Working on Threat Modeling
  • Standardizing Development Environment
  • Coding Best Practices and Secure Coding
  • Chapter 1 Quiz

  • An Overview of Coding Phase
  • Using Linters and Plugins in IDE
  • Static Code Analysis Testing (SAST)
  • Code Repo Scan for Secrets/Keys and Personally Identifiable Information (PII) Data
  • Secret Management
  • Chapter 2 Quiz

  • An Overview of Building Phase
  • Artifact Repository Scanning
  • Container Image Scanning Part 1
  • Container Image Scanning Part 2
  • Software Composition Analysis (SCA)
  • Chapter 3 Quiz

  • An Overview of Testing Phase
  • Penetration Testing
  • Load Testing
  • Fuzzing/Fuzz Testing
  • Behavior Driven Development Security (BDD) Testing
  • Test Reporting with Junit/xUnit
  • Chapter 4 Quiz

  • An Overview of Releasing Phase
  • Dynamic Application Security Testing (DAST)
  • Interactive Application Security Testing (IAST)
  • Chapter 5 Quiz

  • An Overview of Operation Phase
  • Infrastructure Hardening (VM, Container, Host, Cloud, Network, Storage etc.)
  • Container Host Security
  • Container Orchestration Security
  • Continuous Compliance
  • Chapter 6 Quiz

  • An Overview of Postproduction Phase
  • Evaluating Vulnerability Reports
  • Logging
  • Monitoring
  • Alerting and SIEMs
  • Chaos Engineering
  • Chapter 7 Quiz

Instructor

Burak Cansizoglu

Burak works as a freelance Cloud/DevOps consultant. He holds a bachelor's degree in Computer Engineering and a master's degree in Engineering Management. He has held different roles during his professional career. As an IT professional and consultant, he has more than 13 years of experience in the finance, telecommunication, and government sectors. He likes to learn new technologies and wants to share his knowledge and experience with the community. He likes all lean and agile initiatives, and he believes that the DevOps mindset and Dev-X-Ops transformation will bring more agility to enterprises as well as employees.
