Securing Your DevOps Pipelines

Overview

Security is the top concern of businesses today. This course shows developers how to mitigate security risks by implementing DevSecOps best practices. Every organization with a DevOps framework should be looking to shift toward a DevSecOps mindset, bringing individuals of all abilities and across all technology disciplines to a higher level of proficiency in security. From testing for potential security exploits to building business-driven security services, a DevSecOps framework that uses DevSecOps tools ensures security is built into applications rather than being bolted on haphazardly afterwards. In this course, Milecia McGregor covers how DevSecOps improves upon regular DevOps pipelines. She covers the tools and methodologies you can use to bring DevSecOps to your organization. By the end of the course, you will know how to build a DevSecOps pipeline and how to integrate different tools to handle the OWASP Top Ten, as well as compliance checks to stay up to date with regulations like HIPAA, PCI, and GDPR.

Syllabus

Securing Your DevOps Pipelines

This module introduces DevOps and its evolution into DevSecOps, emphasizing the importance of integrating security into development pipelines. Learners explore key security risks, the OWASP Top 10, and how DevSecOps mitigates vulnerabilities. The course covers essential security testing types and tools, guides students through building a secure pipeline with CircleCI, and concludes with advanced security practices like penetration testing and compliance audits. By the end, participants gain practical skills to implement and secure DevOps pipelines, preparing them to enhance application security in real-world environments.