We may earn an affiliate commission when you visit our partners.
DevSecOps
Adding Security Testing Tools to Pipelines
Peter Mosmans
Peter Mosmans
Automated security testing can be daunting to start with.
This course will
teach you which tools you can easily implement into your existing CI/CD
pipelines and what results can be expected with each tool.
Read more
Automated security testing can be daunting to start with. This course will teach you which tools you can easily implement into your existing CI/CD pipelines and what results can be expected with each tool.
Read more
Automated security testing can be daunting to start with. This course will teach you which tools you can easily implement into your existing CI/CD pipelines and what results can be expected with each tool.
You want to start implementing automated security tests into your existing CI/CD pipelines. In this course, DevSecOps: Adding Security Testing Tools to Pipelines, you’ll learn to select the right tool for the right job. First, you’ll explore several tools that can detect secrets. Next, you’ll discover how to add static and dynamic application security testing tools to pipelines. Finally, you’ll learn how to perform software composition analysis. When you’re finished with this course, you’ll have the skills and knowledge of automated security testing needed to properly implement automated security testing into pipelines: from automatically detecting secrets in your source code all the way to running scans against a running application.
Register for this course and see more details by visiting:
OpenCourser.com/course/thked9/devsecops
What's inside
Syllabus
Course Overview
Initializing the Setup for Automated Security Testing
Detecting Secrets in Code
Performing Dockerfile Linting using Hadolint
Read more
Syllabus
Course Overview
Initializing the Setup for Automated Security Testing
Detecting Secrets in Code
Performing Dockerfile Linting using Hadolint
Read more
Performing Static Application Security Testing Using njsscan
Performing Static Application Security Testing Using SonarQube
Performing Software Composition Analysis Using OWASP Dependency-Check
Detecting Vulnerabilities in Third-party Libraries Using Software Bill of Materials and OWASP Dependency-Track
Detecting Vulnerabilities in Images Using Trivy
Performing Dynamic Application Security Testing Using OWASP ZAP
Performing Dynamic Application Security Testing Using Nikto
Performing Full Automated Security Testing in a Pipeline
Good to know
Good to know
Know what's good ,
what to watch for , and
possible dealbreakers
Teaches skills and knowledge required to implement security testing tools into CI/CD pipelines to automate security testing
Taught by experienced instructors who work in the field, offering practical insights
Covers a range of tools for different security testing purposes
Develops skills for selecting the right security testing tool for specific tasks
Provides step-by-step guidance on implementing security testing tools into pipelines
Builds a foundation for understanding and implementing automated security testing
Save this course
Save DevSecOps: Adding Security Testing Tools to Pipelines to your list so you can find it easily later:
Save
Save
Activities
Coming soon
We're preparing activities for
DevSecOps: Adding Security Testing Tools to Pipelines.
These are activities you can do either before, during, or after a course.
Career center
Learners who complete DevSecOps: Adding Security Testing Tools to Pipelines will develop knowledge and skills
that may be useful to these careers:
Data Scientist
Data Scientist
Data Scientists are responsible for collecting, analyzing, and interpreting data to solve business problems. This often includes using machine learning, statistics, and data mining techniques. This course may be useful for Data Scientists wishing to learn how to integrate security testing into machine learning pipelines.
DevOps Engineer
DevOps Engineer
DevOps Engineers are responsible for bridging the gap between development and operations teams. This often includes automating software deployment, managing infrastructure, and monitoring performance. This course may be useful for DevOps Engineers wishing to implement automated security testing into their pipelines.
Security Engineer
Security Engineer
Security Engineers are responsible for organizing and implementing all security related measures within an organization. This includes creating security policies, overseeing network security, and managing security intelligence. This course may be useful for Security Engineers wishing to implement automated security testing into their existing CI/CD pipelines.
Systems Administrator
Systems Administrator
Systems Administrators are responsible for managing and maintaining computer systems. This often includes installing software, configuring hardware, and troubleshooting problems. This course may be useful for Systems Administrators wishing to learn how to integrate automated security testing into their systems management process.
Software Developer
Software Developer
Software Developers are responsible for designing, implementing, and maintaining software applications. This often includes writing code, testing software, and debugging software. This course may be useful for Software Developers wishing to gain experience using security testing tools in pipelines.
Network Security Engineer
Network Security Engineer
Network Security Engineers are responsible for designing and implementing network security solutions. This often includes configuring firewalls, routers, and intrusion detection systems. This course may be useful for Network Security Engineers wishing to learn how to integrate automated security testing into their network security solutions.
Security Consultant
Security Consultant
Security Consultants are responsible for providing security advice and guidance to organizations. This often includes assessing security risks, recommending solutions, and implementing security measures. This course may be useful for Security Consultants wishing to learn how to integrate security testing into their consulting practice.
IT Security Analyst
IT Security Analyst
IT Security Analysts are responsible for monitoring and maintaining the security of an organization's IT systems. This often includes identifying security vulnerabilities, assessing risks, and recommending solutions. This course may be useful for IT Security Analysts wishing to gain experience using security testing tools in pipelines.
Cloud Security Engineer
Cloud Security Engineer
Cloud Security Engineers are responsible for securing cloud computing environments. This often includes designing and implementing security controls, managing cloud security risks, and monitoring cloud security events. This course may be useful for Cloud Security Engineers wishing to implement automated security testing into their pipelines.
Software Test Engineer
Software Test Engineer
Software Test Engineers are responsible for testing software applications to ensure that they meet requirements. This often includes writing test cases, executing tests, and reporting defects. This course may be useful for Software Test Engineers wishing to learn how to integrate automated security testing into their testing process.
Information Security Manager
Information Security Manager
Information Security Managers are responsible for managing the overall security of an organization's information assets. This often includes developing security policies, overseeing security operations, and managing security budgets. This course may be useful for Information Security Managers wishing to implement automated security testing into their pipelines.
Security Architect
Security Architect
Security Architects are responsible for designing and implementing security solutions for an organization. This often includes developing security strategies, creating security architectures, and managing security risks. This course may be useful for Security Architects wishing to gain experience using security testing tools in pipelines.
Security Researcher
Security Researcher
Security Researchers are responsible for discovering and analyzing security vulnerabilities. This often includes developing new security tools and techniques, and publishing research papers. This course may be useful for Security Researchers wishing to learn how to integrate security testing into their research projects.
Security Operations Manager
Security Operations Manager
Security Operations Managers are responsible for managing the day-to-day security operations of an organization. This often includes monitoring security events, responding to security incidents, and reporting on security metrics. This course may be useful for Security Operations Managers wishing to implement automated security testing into their security operations process.
Technical Security Analyst
Technical Security Analyst
Technical Security Analysts are responsible for investigating and responding to security incidents. This often includes collecting evidence, analyzing data, and recommending solutions. This course may be useful for Technical Security Analysts wishing to learn how to integrate security testing into their incident response process.
For more career information including salaries, visit:
OpenCourser.com/course/thked9/devsecops
Reading list
We've selected ten books
that we think will supplement your
learning. Use these to
develop background knowledge, enrich your coursework, and gain a
deeper understanding of the topics covered in
DevSecOps: Adding Security Testing Tools to Pipelines.
Provides a comprehensive overview of the Kubernetes platform, and valuable resource for both students and practitioners in the field.
Provides a comprehensive overview of the principles and practices of security engineering, and includes detailed coverage of the latest techniques and technologies. It valuable resource for both students and practitioners in the field.
Save
This comprehensive guide provides a deep dive into software security principles and best practices. It covers topics such as secure design, threat modeling, and code analysis, which will enhance the understanding of the security testing tools and techniques covered in the course.
Provides a comprehensive overview of the principles and practices of site reliability engineering, and valuable resource for both students and practitioners in the field.
Provides a comprehensive overview of the Docker platform, and valuable resource for both students and practitioners in the field.
Save
This classic book provides a comprehensive overview of network security principles and best practices. It will provide a valuable foundation for understanding the security threats that automated security testing tools help to mitigate.
Provides a comprehensive overview of the principles and practices of network security, and includes detailed coverage of the latest applications and standards. It valuable resource for both students and practitioners in the field.
Save
Provides a fictionalized account of the principles and practices of DevOps, and valuable resource for both students and practitioners in the field.
Save
Will provide a solid foundation in threat modeling, which crucial aspect of secure software development. It will enhance the understanding of the security considerations that drive the implementation of automated security testing in pipelines.
Save
Delves into the security aspects of Docker, including best practices for building secure images, detecting vulnerabilities, and hardening containers. It will complement the course's coverage of Dockerfile linting and image scanning.
For more information about how these books relate to this course, visit:
OpenCourser.com/course/thked9/devsecops
Share
Similar courses
Here are nine courses similar to
DevSecOps: Adding Security Testing Tools to Pipelines.
Microsoft Azure DevOps Engineer: Implement a Secure and Compliant Development Process
OpenCourser.com/course/pbfy6m/microsoft
Microsoft Azure DevOps Engineer: Implement a Secure and...
Most relevant
DevSecOps: Automated Security Testing Fundamentals
OpenCourser.com/course/edpy22/devsecops
DevSecOps: Automated Security Testing Fundamentals
Most relevant
DevOps with GitHub and Azure: Implementing CI/CD with GitHub Actions
OpenCourser.com/course/1adhlt/devops
DevOps with GitHub and Azure: Implementing CI/CD with...
Most relevant
Learn Azure DevOps CI/CD pipelines
OpenCourser.com/course/v5endn/learn
Learn Azure DevOps CI/CD pipelines
Most relevant
Learn CI/CD YAML pipelines with Azure DevOps
OpenCourser.com/course/nu0jog/learn
Learn CI/CD YAML pipelines with Azure DevOps
Most relevant
Google Cloud CI/CD Pipelines (GCP DevOps Engineer Track Part 3)
OpenCourser.com/course/hlsmd2/google
Google Cloud CI/CD Pipelines (GCP DevOps Engineer Track...
Most relevant
Data Engineering on AWS - Foundations
OpenCourser.com/course/wbonvy/data
Data Engineering on AWS - Foundations
Most relevant
Learn Github Actions for CI/CD DevOps Pipelines
OpenCourser.com/course/6b9vth/learn
Learn Github Actions for CI/CD DevOps Pipelines
Most relevant
Integrating HashiCorp Vault in DevOps Workflows
OpenCourser.com/course/viorqg/integrating
Integrating HashiCorp Vault in DevOps Workflows
Most relevant
Time
120 hours
Level
Intermediate
Via
Pluralsight
Instructor
Peter Mosmans
Language
English
Good to know
Teaches skills and knowledge required to implement security testing tools into CI/CD pipelines to automate security testing
Taught by experienced instructors who work in the field, offering practical insights
Covers a range of tools for different security testing purposes
Develops skills for selecting the right security testing tool for specific tasks
Provides step-by-step guidance on implementing security testing tools into pipelines
Builds a foundation for understanding and implementing automated security testing
Our mission
OpenCourser helps millions of learners each year. People visit us to learn workspace skills, ace their exams, and nurture their curiosity.
Our extensive catalog contains over 50,000 courses and twice as many books. Browse by search, by topic, or even by career interests. We'll match you to the right resources quickly.
Find this site helpful? Tell a friend about us.
Affiliate disclosure
We're supported by our community of learners. When you purchase or subscribe to courses and programs or purchase books, we may earn a commission from our partners.
Your purchases help us maintain our catalog and keep our servers humming without ads.
Thank you for supporting OpenCourser.
© 2016 - 2024 OpenCourser