Build AI Apps with Azure, Copilot, and Generative AI — Microsoft Certified
Learn AI, Data Science & Business — Earn Certificates That Get You Hired
Overview
Google, IBM & Meta Certificates – 40% Off
One plan covers every Professional Certificate on Coursera.
Unlock All Certificates
Explore best practices and tools that can help you implement security across the entirety of the continuous integration and continuous delivery (CI/CD) pipeline.
Syllabus
Introduction
- Securing your CI/CD pipeline
- What you should know
- Traditional InfoSec is in crisis
- Introducing DevSecOps
- The continuous delivery pipeline
- Goals for a DevSecOps toolchain approach
- Secure development practices
- Static code analysis
- Tool: Keeping secrets with git-secrets
- Tool: Rapid Risk Assessment
- What's in your app?
- OWASP Dependency Check in practice
- JavaScript security with Retire.js: Installation
- JavaScript security with Retire.js: Testing
- Options for software composition analysis
- Security testing in the build stage
- AppSec scanning with DAST tools
- Gauntlt in practice
- Security in the deploy phase
- Rundeck for deployments
- Tricks for making compliance happy
- Keeping security in operate
- Modern application security
- Signal Sciences in practice
- Cloud security monitoring
- Next steps
Taught by
James Wickett