
DevOps with GitHub and Azure

Implementing Software Supply Chain Security with GitHub

Daniel Krzyczkowski

Implementing Software Supply Chain Security can be challenging. In this course, you will learn how to improve code security with GitHub.


One of the most important aspects of software delivery is security. In the era of open-source projects, it is challenging to keep track of every vulnerability and make sure that our solution does not use a package with serious vulnerabilities. The threat to supply chain security today is unpatched software.

In this course, DevOps with GitHub and Azure: Implementing Software Supply Chain Security with GitHub, you will learn about tools for software supply chain security available on GitHub.

First, you will understand what software supply chain security is and why it is important not to leave security as the last step of software delivery. Then, you will explore how to configure Dependabot to automatically keep the project's dependencies up to date and how to add static security code analysis to an Actions workflow.

Finally, you will explore how to add license scanning to an Actions workflow to protect against specific license types in the OSS packages you use.

By the end of this course, you will have a clear overview of how to implement software supply chain security with GitHub, and how to maintain a secure repository by using GitHub best practices.


What's inside

Syllabus

Course Overview
Software Supply Chain Security
Enhanced Security with GitHub Actions

Good to know

Know what's good, what to watch for, and possible dealbreakers
Suits learners interested in implementing software supply chain security
Builds foundation for learners with no prior experience with software supply chain security


Activities

Be better prepared before your course. Deepen your understanding during and after it. Supplement your coursework and achieve mastery of the topics covered in DevOps with GitHub and Azure: Implementing Software Supply Chain Security with GitHub with these activities:
Review Basic Security Principles and Concepts
Refresh your understanding of fundamental security principles, such as confidentiality, integrity, and availability, to enhance your ability to apply them in the context of software security.
  • Review articles and tutorials on security principles
  • Take practice quizzes or complete exercises
Read 'Secure Coding in Python' by Peter Yaworski
Gain a deeper understanding of secure coding principles and best practices in Python, enhancing your ability to develop secure and robust software applications.
  • Purchase and read the book
  • Take notes and highlight key concepts
  • Apply the principles to personal coding projects
Attend a GitHub Community Event Focused on Security
Participate in a local GitHub community event centered around software security, connecting with other developers and learning about best practices from experts.
  • Identify local GitHub community events
  • Attend the event and participate in discussions
  • Network with other developers and security professionals
Complete GitHub Actions Security Tutorials
Complete a series of interactive tutorials on GitHub Actions to enhance your understanding of security features and their implementation.
  • Set up a GitHub Actions workflow for a personal project
  • Implement security checks using GitHub Actions
  • Monitor and troubleshoot GitHub Actions workflows
Follow OWASP Top 10 Security Vulnerabilities in GitHub Actions
Follow a guided tutorial on addressing the OWASP Top 10 security vulnerabilities in GitHub Actions, improving your understanding of common security risks.
  • Review the OWASP Top 10 security vulnerabilities
  • Identify and mitigate vulnerabilities in GitHub Actions workflows
Configure Dependabot for Automatic Vulnerability Updates
Configure Dependabot to automate the process of keeping your project's dependencies up-to-date, reducing the risk of vulnerabilities in your code.
  • Create a GitHub repository for a personal project
  • Set up automatic dependency updates using Dependabot
  • Monitor and review Dependabot alerts and updates
Document Git Security Best Practices
Create a reference document that summarizes current best practices for maintaining secure Git repositories.
  • Research best practices for Git security
  • Review existing Git repositories for security vulnerabilities
  • Write a comprehensive document outlining best practices
Design a Security Policy for a GitHub Repository
Draft a security policy for a GitHub repository, defining guidelines, responsibilities, and procedures for maintaining a secure codebase and development process.
  • Identify security risks and threats for the GitHub repository
  • Review existing security policies and best practices
  • Develop a comprehensive security policy document
  • Communicate and implement the security policy within the team
Develop a Cheat Sheet on GitHub Security Best Practices
Create a concise and accessible cheat sheet summarizing key GitHub security best practices for quick reference and easy implementation.
  • Gather information on GitHub security best practices
  • Organize and distill the information into a cheat sheet format
  • Share the cheat sheet with colleagues and the community

Career center

Learners who complete DevOps with GitHub and Azure: Implementing Software Supply Chain Security with GitHub will develop knowledge and skills that may be useful to these careers:
DevOps Engineer
DevOps Engineers are responsible for the planning, design, and implementation of software delivery pipelines. They work to ensure that software is delivered quickly and securely. This course provides a foundation in software supply chain security, which is a critical aspect of DevOps. By understanding the tools and techniques for software supply chain security, DevOps Engineers can help to protect their organizations from vulnerabilities and attacks.
Software Engineer
Software Engineers design, develop, and maintain software applications. They work to ensure that software is secure, reliable, and efficient. This course provides a foundation in software supply chain security, which is a critical aspect of software development. By understanding the tools and techniques for software supply chain security, Software Engineers can help to protect their organizations from vulnerabilities and attacks.
Security Engineer
Security Engineers are responsible for the security of an organization's IT infrastructure. They work to identify and mitigate security risks. This course provides a foundation in software supply chain security, which is a critical aspect of IT security. By understanding the tools and techniques for software supply chain security, Security Engineers can help to protect their organizations from vulnerabilities and attacks.
Cloud Engineer
Cloud Engineers design, build, and maintain cloud computing infrastructure. They work to ensure that cloud applications are secure, reliable, and scalable. This course provides a foundation in software supply chain security, which is a critical aspect of cloud computing. By understanding the tools and techniques for software supply chain security, Cloud Engineers can help to protect their organizations from vulnerabilities and attacks.
IT Manager
IT Managers are responsible for the planning, implementation, and management of an organization's IT infrastructure. They work to ensure that IT systems are secure, reliable, and efficient. This course provides a foundation in software supply chain security, which is a critical aspect of IT management. By understanding the tools and techniques for software supply chain security, IT Managers can help to protect their organizations from vulnerabilities and attacks.
Information Security Analyst
Information Security Analysts are responsible for identifying and mitigating security risks to an organization's information systems. They work to protect against unauthorized access, data breaches, and other security threats. This course provides a foundation in software supply chain security, which is a critical aspect of information security. By understanding the tools and techniques for software supply chain security, Information Security Analysts can help to protect their organizations from vulnerabilities and attacks.
Cybersecurity Analyst
Cybersecurity Analysts are responsible for protecting an organization's computer systems and networks from cyber threats. They work to identify and mitigate vulnerabilities, and to respond to security incidents. This course provides a foundation in software supply chain security, which is a critical aspect of cybersecurity. By understanding the tools and techniques for software supply chain security, Cybersecurity Analysts can help to protect their organizations from vulnerabilities and attacks.
Risk Analyst
Risk Analysts are responsible for identifying and assessing risks to an organization. They work to develop strategies to mitigate these risks and to protect the organization from financial losses, reputational damage, and other negative consequences. This course provides a foundation in software supply chain security, which is a critical aspect of risk management. By understanding the tools and techniques for software supply chain security, Risk Analysts can help to protect their organizations from vulnerabilities and attacks.
Compliance Manager
Compliance Managers are responsible for ensuring that an organization complies with all applicable laws and regulations. They work to identify and mitigate compliance risks, and to develop and implement compliance programs. This course provides a foundation in software supply chain security, which is a critical aspect of compliance. By understanding the tools and techniques for software supply chain security, Compliance Managers can help to protect their organizations from vulnerabilities and attacks.
Auditor
Auditors are responsible for examining an organization's financial records and operations to ensure that they are accurate and compliant with all applicable laws and regulations. This course provides a foundation in software supply chain security, which is a critical aspect of auditing. By understanding the tools and techniques for software supply chain security, Auditors can help to protect their organizations from vulnerabilities and attacks.
Systems Analyst
Systems Analysts are responsible for analyzing and designing computer systems. They work to ensure that these systems are efficient, reliable, and secure. This course provides a foundation in software supply chain security, which is a critical aspect of systems analysis. By understanding the tools and techniques for software supply chain security, Systems Analysts can help to protect their organizations from vulnerabilities and attacks.
Database Administrator
Database Administrators are responsible for managing and maintaining an organization's databases. They work to ensure that these databases are secure, reliable, and efficient. This course provides a foundation in software supply chain security, which is a critical aspect of database administration. By understanding the tools and techniques for software supply chain security, Database Administrators can help to protect their organizations from vulnerabilities and attacks.
Network Administrator
Network Administrators are responsible for managing and maintaining an organization's computer networks. They work to ensure that these networks are secure, reliable, and efficient. This course provides a foundation in software supply chain security, which is a critical aspect of network administration. By understanding the tools and techniques for software supply chain security, Network Administrators can help to protect their organizations from vulnerabilities and attacks.
Security Consultant
Security Consultants are responsible for providing security advice to organizations. They work to help organizations identify and mitigate security risks. This course provides a foundation in software supply chain security, which is a critical aspect of security consulting. By understanding the tools and techniques for software supply chain security, Security Consultants can help their clients to protect their organizations from vulnerabilities and attacks.
Information Security Manager
Information Security Managers are responsible for developing and implementing an organization's information security program. They work to ensure that the organization's information is protected from unauthorized access, data breaches, and other security threats. This course provides a foundation in software supply chain security, which is a critical aspect of information security management. By understanding the tools and techniques for software supply chain security, Information Security Managers can help to protect their organizations from vulnerabilities and attacks.

Reading list

We've selected seven books that we think will supplement your learning. Use these to develop background knowledge, enrich your coursework, and gain a deeper understanding of the topics covered in DevOps with GitHub and Azure: Implementing Software Supply Chain Security with GitHub.
Provides a comprehensive guide to secure coding in C. It covers topics such as buffer overflows, integer overflows, and format string vulnerabilities.
Provides a comprehensive overview of software testing. It covers topics such as test planning, test design, and test execution.
Provides a comprehensive guide to DevOps. It covers topics such as agile development, DevOps culture, and continuous delivery.
Provides a comprehensive guide to developing secure software systems. It covers topics such as threat modeling, secure coding practices, and vulnerability management.
Provides a comprehensive guide to site reliability engineering. It covers topics such as infrastructure management, monitoring, and alerting.
Novel that tells the story of a team that transforms their IT organization using DevOps principles. It is a great way to learn about DevOps in a fun and engaging way.
Provides a comprehensive overview of network security threats and vulnerabilities. It is a valuable resource for anyone involved in network security or penetration testing.


Similar courses

Here are nine courses similar to DevOps with GitHub and Azure: Implementing Software Supply Chain Security with GitHub.
Introduction to DevSecOps on Azure
Securing Your Software Supply Chain with Sigstore
DevOps with GitHub and Azure: The Big Picture
Secure Software Supply Chain for CSSLP®
Supply Chain Risk Management with OWASP Dependency-Check
Securing Your GitHub Project
GitHub Enterprise
DevOps with Github and Azure: Implementing Package...
DevOps with GitHub and Azure: Implementing CI/CD with...

© 2016 - 2024 OpenCourser