Course Overview

Most companies have implemented DevOps practices within their organization, but security practices are still applied only at the end of the delivery pipeline. By that time, security vulnerabilities could already have been introduced into your application or infrastructure. DevSecOps, which stands for Developer Security Operations, helps in developing solutions with a security mindset. Its emphasis is on designing software and understanding the security requirements as a continuous process, supported by the DevOps methodology. It is important to treat `Security as Code` as a coding requirement.

This course will teach you to build an automated DevSecOps pipeline with GitHub Actions. The initial part of the course will get you accustomed to the basics of Git and GitHub Actions commands and to YAML file syntax. Later, we will move on to the security jargon and start building the DevSecOps pipeline by implementing DevSecOps tools for SAST/SCA/DAST, using the YAML workflow file. This course also includes a practical example of implementing security in DevOps using the GitHub Actions workflow file.

By the end of the course, you will be able to successfully implement the DevSecOps pipeline and be at the front of initiatives to create, build and maintain security pipelines in your organization. 

What You Will Learn

  • About Git and GitHub Actions. You will learn how to write workflow YAML files for running the GitHub Actions pipeline
  • About automated and on-demand triggering of the GitHub Actions workflow file
  • About various security terms used in this course
  • CI/CD pipeline creation
  • How to integrate tools for SAST/DAST (OWASP ZAP)/Static code analysis and, in addition, how to use the Snyk tool for container scanning
  • How to report security issues found in code scanning/SAST/DAST in the JIRA tool
  • When you have completed this course, you will have a clear picture of DevSecOps concepts and a clear vision of how to incorporate DevSecOps tools in your automated build pipeline

Program Curriculum

  • DevOps v/s DevSecOps
  • Terms Used in DevSecOps
  • Tools Used in the DevSecOps Pipeline
  • $7 Million Cybersecurity Scholarship by EC-Council
  • Chapter 1 Quiz

  • What Are Git and GitHub Actions?
  • Learning YAML
  • Installation & Git Commands
  • Creating and Running Your First Event-based Workflow
  • Event-based Workflows (Pull Request Based)
  • Schedule-based Workflows
  • On-demand Workflows
  • Using Filter in Your Workflows
  • Chapter 2 Quiz

  • Building Automated DevSecOps Pipeline
  • Integrate Snyk with GitHub Actions
  • Run Snyk with GitHub Actions
  • About SonarCloud
  • Run SonarCloud Analysis
  • Chapter 3 Quiz

  • OWASP ZAP – Part 1
  • OWASP ZAP – Part 2
  • Vulnerability – Part 1
  • Vulnerability – Part 2
  • Chapter 4 Quiz

  • Project Requirements
  • Implementing Java DevSecOps Case Study
  • Observing Lint Logs
  • Review SCA Results
  • Review DAST Scan Results
  • Running Sequential Jobs
  • Chapter 5 Quiz

  • Reporting Issues in Jira
  • Report SAST Scan Issues
  • Report SCA Scan Issues
  • Report DAST Scan Issues
  • Chapter 6 Quiz

Key Takeaways from Course


Instructor

Sunil Jacob

Sunil Jacob currently works as a Principal Development Software Engineer in the Dev(Sec)Ops functional area. He has 16.5 years of IT experience. He was the runner-up of a national-level hackathon conducted by TechGig Code Gladiators in 2017 on the theme of DevOps. He has authored articles in tech blogs and was associated with Manning for a live project course, ‘Getting started with Kubernetes’. He is a certified Professional Cloud Architect (Google) and also a certified Kubernetes administrator. He has worked on different open-source code repositories like GitLab and GitHub and implemented DevSecOps practices for organizations. His major areas of work include technologies like Docker, Kubernetes, and monitoring solutions with Prometheus/Grafana.
