0 - Getting Started with the DevSecOps Bootcamp
-
0 - Tell us about you :)
-
1 - Why learn DevSecOps? (2:09)
-
2 - Pre-Requisites of Bootcamp (3:43)
-
3 - DevSecOps Bootcamp Curriculum Overview (27:45)
-
4 - Support and Other Bootcamp Materials (2:00)
-
5 - Recommended Learning Schedule
-
6 - Certified DevSecOps Practitioner - Applying for Digital Badge (1:29)
-
7 - Administrative FAQs
1 - Security Essentials
-
0 - Chapter Handout
-
1 - Introduction to Security (01:32)
-
2 - Importance of Security & Impact of Security Breaches (13:50)
-
3 - How to Secure Systems Against Attacks (03:47)
-
4 - Types of Security Attacks - Part 1 (19:53)
-
5 - Types of Security Attacks - Part 2 (20:13)
-
6 - OWASP top 10 - Part 1 (34:27)
-
7 - OWASP top 10 - Part 2 (24:29)
-
8 - Security in Layers (10:54)
2 - Introduction to DevSecOps
3 - Application Vulnerability Scanning
-
0 - Chapter Handout
-
1 - Build a Continuous Integration Pipeline (26:01)
-
2 - Impact of Missing Security Insights (03:01)
-
3 - Secret Scanning with GitLeaks - Local Environment (13:10)
-
4 - Pre-commit Hook for Secret Scanning & Integrating GitLeaks in CI Pipeline (19:47)
-
5 - False Positives & Fixing Security Vulnerabilities (16:23)
-
6 - Integrate SAST Scans in Release Pipeline (20:31)
4 - Vulnerability Management and Remediation
5 - Vulnerability Scanning for Application Dependencies
6 - Build a CD Pipeline
-
0 - Chapter Handout
-
1 - Overview of a CI/CD Pipeline (02:10)
-
2 - Introduction to Security Layers for AWS Access (08:18)
-
3 - Integrate CI/CD Pipeline with AWS ECR (19:38)
-
4 - Configure Application Deployment Environment on EC2 Server (08:39)
-
5 - Deploy Application to EC2 Server with Release Pipeline (15:46)
-
6 - Configure Self-Managed GitLab Runner for Pipeline Jobs (14:12)
-
7 - Build Application Images on Self-Managed Runner, Leverage Docker Caching (19:08)
7 - Image Scanning - Build Secure Docker Images
-
0 - Chapter Handout
-
1 - Overview of Image Security (01:22)
-
2 - Configure Automated Security Scanning in Application Image (14:00)
-
3 - Analyze & Fix Security Issues from Findings in Application Image (17:21)
-
4 - Automate Uploading Image Scanning Results in DefectDojo (08:37)
-
5 - Docker Security Best Practices (10:13)
-
6 - Configure Automated Image Security Scanning in ECR Image Repository (11:24)
-
7 - Overview of Automated Application Code and Image Scanning Steps (00:49)
8 - AWS Cloud Security & Access Management
-
0 - Chapter Handout
-
1 - AWS Security Essentials (07:12)
-
2 - Understand AWS Access Management using IAM Service (01:54)
-
3 - Securing AWS Root User Account (06:28)
-
4 - IAM Users, Groups & Policies (08:03)
-
5 - Secure Access from CI/CD Pipeline to AWS (15:39)
-
6 - Understand Importance of IAM Roles in AWS Cloud Security (05:08)
-
7 - Overview of IAM Resources & Secure Access Management in AWS (02:35)
9 - Secure Continuous Deployment & DAST
-
0 - Chapter Handout
-
1 - Security Essentials for Accessing Deployment Server (06:45)
-
2 - Configure AWS Systems Manager for EC2 Server (11:38)
-
3 - AWS SSM Commands in Release Pipeline for Server Access (12:24)
-
4 - Secure Continuous Deployment to Server using SSM (12:55)
-
5 - Secure Access to AWS with IAM Roles & Short-Lived Credentials (13:53)
-
6 - Overview of AWS Security Measures and Continuous Security Improvements (02:47)
-
7 - Understand Dynamic Application Security Testing (DAST) (08:33)
-
8 - Configure Automated DAST Scans in CI/CD Pipeline (22:21)
-
9 - Overview of Complete DevSecOps Pipeline with Static and Dynamic Security Scans (02:11)
10 - IaC and GitOps for DevSecOps
-
0 - Chapter Handout
-
1 - Understand Impact of IaC in Security & DevSecOps (07:26)
-
2 - Terraform Script for AWS Infrastructure Provisioning (18:53)
-
3 - Replace Manually Created Infrastructure with Automatically Provisioned Resources (08:39)
-
4 - Build CI/CD Pipeline for Infrastructure Code using GitOps Principles (13:17)
-
5 - Configure Remote State for Terraform (09:36)
-
6 - Add Automated Security Scan to TF Infrastructure Code (11:47)
-
7 - Understand IaC Concept "Cattle vs Pets" (03:10)
11 - Logging & Monitoring for Security
-
0 - Chapter Handout
-
1 - Understand Need for Logging and Monitoring in Security (04:27)
-
2 - Introduction to CloudTrail and CloudWatch (04:34)
-
3 - CloudTrail Event History (08:54)
-
4 - Configure Multi-Region Trail in CloudTrail & Forward Logs to CloudWatch (23:36)
-
5 - Create CloudWatch Alarm for EC2 Instance (18:56)
-
6 - Create Custom Metric Filter for Failed Login Metrics (09:59)
-
7 - Configure Alarm for Failed Login Attempts (10:43)
-
8 - Configure AWS Budgets for Monthly Usage Costs (06:36)
-
9 - Complete Bootcamp Part 1 - Next Steps (01:05)
12 - Introduction to Kubernetes Security
13 - Kubernetes Access Management with AWS EKS
-
13.0 - Chapter Handout
-
13.01 - Chapter Introduction (01:41)
-
13.02 - Role Based Access Control (RBAC) (17:06)
-
13.03 - IAM Roles and K8s Roles - How it works (11:13)
-
13.04 - Configure IAM Roles and link to K8s Roles in IaC (18:03)
-
13.05 - Configure K8s Role and ClusterRole in IaC (27:46)
-
13.06 - Review and Test Access (22:29)
-
13.07 - Summary & Wrap Up (02:55)
14 - Secure IaC Pipeline for EKS provisioning
-
14.0 - Chapter Handout
-
14.01 - Using GitLab OIDC in AWS (09:55)
-
14.02 - Configure Authentication with GitLab Identity Provider (11:51)
-
14.03 - Pipeline Configuration for establishing a secure connection (18:09)
-
14.04 - Terraform Configuration for EKS provisioning (22:43)
-
14.05 - Summary & Wrap Up (04:26)
15 - Bootstrapping clusters with EKS Blueprints
16 - Application Release Pipeline with ArgoCD
-
16.0 - Chapter Handout
-
16.01 - Chapter Overview (01:49)
-
16.02 - ArgoCD explained (Part 1) - What, Why and How (09:06)
-
16.03 - ArgoCD explained (Part 2) - Benefits and Configuration (18:39)
-
16.04 - Overview of CI/CD Pipelines to Git repositories (06:53)
-
16.05 - Configure ArgoCD in IaC (Deploy Argo - Part 1) (19:08)
-
16.06 - IaC Pipeline Configuration (Deploy Argo - Part 2) (10:19)
-
16.07 - Deployment through Pipeline and Access Argo UI (Deploy Argo - Part 3) (10:51)
-
16.08 - K8s Manifests for Microservices App using Kustomize (18:30)
-
16.09 - Create GitOps Pipeline to update Kustomization File (20:51)
-
16.10 - Create CI Pipeline that triggers GitOps Pipeline (08:26)
-
16.11 - See Whole Automated Workflow in Action 🚀 (07:03)
17 - Policy as Code with Open Policy Agent
-
17.0 - Chapter Handout
-
17.01 - Why Policy as Code (03:29)
-
17.02 - Introduction to Open Policy Agent (OPA) and OPA Gatekeeper (08:46)
-
17.03 - How Gatekeeper and OPA works (06:44)
-
17.04 - Install OPA Gatekeeper in Cluster (08:42)
-
17.05 - Defining Policies (06:22)
-
17.06 - Define Policy to reject NodePort Service (25:06)
-
17.07 - Define Policy to reject Privileged Containers (13:13)
-
17.08 - Summary (01:49)
-
Take a break and Tell us how we did :)
18 - Secrets Management in Kubernetes
-
18.0 - Chapter Handout
-
18.01 - Why Secrets Manager are needed (08:28)
-
18.02 - Introduction to External Secrets Operator in K8s (03:15)
-
18.03 - Capabilities of Secrets Management Tools (02:44)
-
18.04 - Vault Capabilities (Vault Deep Dive Part 1) (05:59)
-
18.05 - How Vault works (Vault Deep Dive Part 2) (09:59)
-
18.06 - Introduction to AWS Secrets Manager (03:35)
-
18.07 - Deploy External Secrets Controller (Demo - Part 1) (11:36)
-
18.08 - Create SecretStore and ExternalSecret (Demo - Part 2) (16:24)
-
18.09 - Use Secret in Microservice (Demo - Part 3) (04:40)
19 - Service Mesh with Istio
-
19.0 - Chapter Handout
-
19.01 - Chapter and Demo Overview (01:43)
-
19.02 - Service Mesh and Istio - What, Why and How (15:47)
-
19.03 - Install Istio in K8s cluster (24:42)
-
19.04 - Configure Traffic Routing (21:05)
-
19.05 - Configure a Secure Gateway (14:29)
-
19.06 - mTLS Deep Dive (15:40)
-
19.07 - Authorization in Istio - Deep Dive (11:00)
-
19.08 - Istio Policies vs K8s Network Policies (04:59)
-
19.09 - Configure Authorization Policies (20:59)
-
19.10 - Wrap Up (01:25)
20 - Compliance as Code
-
20.0 - Chapter Handout
-
20.01 - What is Compliance
-
20.02 - What are CIS Benchmarks
-
20.03 - Why Compliance as Code
-
20.04 - Demo Overview and Introduction to AWS Config
-
20.05 - Setting up AWS Config Rules
-
20.06 - Configure Auto-Remediation for Insecure Security Groups for EC2 Instances
-
20.07 - Configure Auto-Remediation for CloudTrail Logging, if switched off
-
20.08 - Configure Compliance Rules for AWS EKS Service
-
20.09 - Wrap Up
21 - How to Introduce DevSecOps in Organizations
22 - DevSecOps Certification
