Autoplay
Autocomplete
Previous Lesson
Complete and Continue
DevSecOps Bootcamp
0 - Getting Started with the DevSecOps Bootcamp
0 - Tell us about you :)
1 - Why learn DevSecOps? (2:09)
2 - Pre-Requisites of Bootcamp (3:43)
3 - DevSecOps Bootcamp Curriculum Overview (27:45)
4 - Support and Other Bootcamp Materials (2:00)
5 - Recommended Learning Schedule
6 - Certified DevSecOps Practitioner - Applying for Digital Badge (1:29)
7 - Administrative FAQs
1 - Security Essentials
0 - Chapter Handout
1 - Introduction to Security (01:32)
2 - Importance of Security & Impact of Security Breaches (13:50)
3 - How to Secure Systems Against Attacks (03:47)
4 - Types of Security Attacks - Part 1 (19:53)
5 - Types of Security Attacks - Part 2 (20:13)
6 - OWASP top 10 - Part 1 (34:27)
7 - OWASP top 10 - Part 2 (24:29)
8 - Security in Layers (10:54)
2 - Introduction to DevSecOps
0 - Chapter Handout
1 - Issues with Traditional Approach to Security (11:45)
2 - Understand DevSecOps (13:45)
3 - Roles & Responsibilities in DevSecOps (09:05)
3 - Application Vulnerability Scanning
0 - Chapter Handout
1 - Build a Continuous Integration Pipeline (26:01)
2 - Impact of Missing Security Insights (03:01)
3 - Secret Scanning with GitLeaks - Local Environment (13:10)
4 - Pre-commit Hook for Secret Scanning & Integrating GitLeaks in CI Pipeline (19:47)
5 - False Positives & Fixing Security Vulnerabilities (16:23)
6 - Integrate SAST Scans in Release Pipeline (20:31)
4 - Vulnerability Management and Remediation
0 - Chapter Handout
1 - Generate Security Scanning Reports (09:20)
2 - Introduction to DefectDojo, Managing Security Findings, CWEs (25:15)
3 - Automate Uploading Security Scan Results to DefectDojo (29:00)
4 - Fix Security Issues Discovered in the DevSecOps Pipeline (16:16)
5 - Vulnerability Scanning for Application Dependencies
0 - Chapter Handout
1 - Software Composition Analysis - Security Issues in Application Dependencies (15:02)
2 - Import SCA Scan Reports in DefectDojo, Fixing SCA Findings, CVEs (09:58)
3 - Overview of Static Security Scans in CI Pipeline (00:56)
6 - Build a CD Pipeline
0 - Chapter Handout
1 - Overview of a CI/CD Pipeline (02:10)
2 - Introduction to Security Layers for AWS Access (08:18)
3 - Integrate CI/CD Pipeline with AWS ECR (19:38)
4 - Configure Application Deployment Environment on EC2 Server (08:39)
5 - Deploy Application to EC2 Server with Release Pipeline (15:46)
6 - Configure Self-Managed GitLab Runner for Pipeline Jobs (14:12)
7 - Build Application Images on Self-Managed Runner, Leverage Docker Caching (19:08)
7 - Image Scanning - Build Secure Docker Images
0 - Chapter Handout
1 - Overview of Image Security (01:22)
2 - Configure Automated Security Scanning in Application Image (14:00)
3 - Analyze & Fix Security Issues from Findings in Application Image (17:21)
4 - Automate Uploading Image Scanning Results in DefectDojo (08:37)
5 - Docker Security Best Practices (10:13)
6 - Configure Automated Image Security Scanning in ECR Image Repository (11:24)
7 - Overview of Automated Application Code and Image Scanning Steps (00:49)
8 - AWS Cloud Security & Access Management
0 - Chapter Handout
1 - AWS Security Essentials (07:12)
2 - Understand AWS Access Management using IAM Service (01:54)
3 - Securing AWS Root User Account (06:28)
4 - IAM Users, Groups & Policies (08:03)
5 - Secure Access from CI/CD Pipeline to AWS (15:39)
6 - Understand Importance of IAM Roles in AWS Cloud Security (05:08)
7 - Overview of IAM Resources & Secure Access Management in AWS (02:35)
9 - Secure Continuous Deployment & DAST
0 - Chapter Handout
1 - Security Essentials for Accessing Deployment Server (06:45)
2 - Configure AWS Systems Manager for EC2 Server (11:38)
3 - AWS SSM Commands in Release Pipeline for Server Access (12:24)
4 - Secure Continuous Deployment to Server using SSM (12:55)
5 - Secure Access to AWS with IAM Roles & Short-Lived Credentials (13:53)
6 - Overview of AWS Security Measures and Continuous Security Improvements (02:47)
7 - Understand Dynamic Application Security Testing (DAST) (08:33)
8 - Configure Automated DAST Scans in CI/CD Pipeline (22:21)
9 - Overview of Complete DevSecOps Pipeline with Static and Dynamic Security Scans (02:11)
10 - IaC and GitOps for DevSecOps
0 - Chapter Handout
1 - Understand Impact of IaC in Security & DevSecOps (07:26)
2 - Terraform Script for AWS Infrastructure Provisioning (18:53)
3 - Replace Manually Created Infrastructure with Automatically Provisioned Resources (08:39)
4 - Build CI/CD Pipeline for Infrastructure Code using GitOps Principles (13:17)
5 - Configure Remote State for Terraform (09:36)
6 - Add Automated Security Scan to TF Infrastructure Code (11:47)
7 - Understand IaC Concept "Cattle vs Pets" (03:10)
11 - Logging & Monitoring for Security
0 - Chapter Handout
1 - Understand Need for Logging and Monitoring in Security (04:27)
2 - Introduction to CloudTrail and CloudWatch (04:34)
3 - CloudTrail Event History (08:54)
4 - Configure Multi-Region Trail in CloudTrail & Forward Logs to CloudWatch (23:36)
5 - Create CloudWatch Alarm for EC2 Instance (18:56)
6 - Create Custom Metric Filter for Failed Login Metrics (09:59)
7 - Configure Alarm for Failed Login Attempts (10:43)
8 - Configure AWS Budgets for Monthly Usage Costs (06:36)
9 - Complete Bootcamp Part 1 - Next Steps (01:05)
12 - Introduction to Kubernetes Security
12.0 - Chapter Handout
12.01 - Kubernetes Security Overview (05:02)
12.02 - Kubernetes Security Best Practices (24:47)
12.03 - Provision AWS EKS Cluster (22:10)
13 - Kubernetes Access Management with AWS EKS
13.0 - Chapter Handout
13.01 - Chapter Introduction (01:41)
13.02 - Role Based Access Control (RBAC) (17:06)
13.03 - IAM Roles and K8s Roles - How it works (11:13)
13.04 - Configure IAM Roles and link to K8s Roles in IaC (18:03)
13.05 - Configure K8s Role and ClusterRole in IaC (27:46)
13.06 - Review and Test Access (22:29)
13.07 - Summary & Wrap Up (02:55)
14 - Secure IaC Pipeline for EKS provisioning
14.0 - Chapter Handout
14.01 - Using GitLab OIDC in AWS (09:55)
14.02 - Configure Authentication with GitLab Identity Provider (11:51)
14.03 - Pipeline Configuration for establishing a secure connection (18:09)
14.04 - Terraform Configuration for EKS provisioning (22:43)
14.05 - Summary & Wrap Up (04:26)
15 - Bootstrapping clusters with EKS Blueprints
15.0 - Chapter Handout
15.01 - Introduction to EKS Blueprints (03:34)
15.02 - Overview of EKS Add-ons we install (09:28)
15.03 - Configure EKS Add-ons (15:00)
15.04 - Troubleshooting & Tuning Autoscaler (11:12)
15.05 - Access Token Expiration (01:59)
16 - Application Release Pipeline with ArgoCD
16.0 - Chapter Handout
16.01 - Chapter Overview (01:49)
16.02 - ArgoCD explained (Part 1) - What, Why and How (09:06)
16.03 - ArgoCD explained (Part 2) - Benefits and Configuration (18:39)
16.04 - Overview of CI/CD Pipelines to Git repositories (06:53)
16.05 - Configure ArgoCD in IaC (Deploy Argo - Part 1) (19:08)
16.06 - IaC Pipeline Configuration (Deploy Argo - Part 2) (10:19)
16.07 - Deployment through Pipeline and Access Argo UI (Deploy Argo - Part 3) (10:51)
16.08 - K8s Manifests for Microservices App using Kustomize (18:30)
16.09 - Create GitOps Pipeline to update Kustomization File (20:51)
16.10 - Create CI Pipeline that triggers GitOps Pipeline (08:26)
16.11 - See Whole Automated Workflow in Action 🚀 (07:03)
17 - Policy as Code with Open Policy Agent
17.0 - Chapter Handout
17.01 - Why Policy as Code (03:29)
17.02 - Introduction to Open Policy Agent (OPA) and OPA Gatekeeper (08:46)
17.03 - How Gatekeeper and OPA works (06:44)
17.04 - Install OPA Gatekeeper in Cluster (08:42)
17.05 - Defining Policies (06:22)
17.06 - Define Policy to reject NodePort Service (25:06)
17.07 - Define Policy to reject Privileged Containers (13:13)
17.08 - Summary (01:49)
Take a break and Tell us how we did :)
18 - Secrets Management in Kubernetes
18.0 - Chapter Handout
18.01 - Why Secrets Manager are needed (08:28)
18.02 - Introduction to External Secrets Operator in K8s (03:15)
18.03 - Capabilities of Secrets Management Tools (02:44)
18.04 - Vault Capabilities (Vault Deep Dive Part 1) (05:59)
18.05 - How Vault works (Vault Deep Dive Part 2) (09:59)
18.06 - Introduction to AWS Secrets Manager (03:35)
18.07 - Deploy External Secrets Controller (Demo - Part 1) (11:36)
18.08 - Create SecretStore and ExternalSecret (Demo - Part 2) (16:24)
18.09 - Use Secret in Microservice (Demo - Part 3) (04:40)
19 - Service Mesh with Istio
19.0 - Chapter Handout
19.01 - Chapter and Demo Overview (01:43)
19.02 - Service Mesh and Istio - What, Why and How (15:47)
19.03 - Install Istio in K8s cluster (24:42)
19.04 - Configure Traffic Routing (21:05)
19.05 - Configure a Secure Gateway (14:29)
19.06 - mTLS Deep Dive (15:40)
19.07 - Authorization in Istio - Deep Dive (11:00)
19.08 - Istio Policies vs K8s Network Policies (04:59)
19.09 - Configure Authorization Policies (20:59)
19.10 - Wrap Up (01:25)
20 - Compliance as Code
20.0 - Chapter Handout
20.01 - What is Compliance
20.02 - What are CIS Benchmarks
20.03 - Why Compliance as Code
20.04 - Demo Overview and Introduction to AWS Config
20.05 - Setting up AWS Config Rules
20.06 - Configure Auto-Remediation for Insecure Security Groups for EC2 Instances
20.07 - Configure Auto-Remediation for CloudTrail Logging, if switched off
20.08 - Configure Compliance Rules for AWS EKS Service
20.09 - Wrap Up
21 - How to Introduce DevSecOps in Organizations
21.01 - Why DevSecOps is Important
21.02 - Driving Cultural Change - Real-World Examples of Companies
21.03 - How to start implementing DevSecOps in Organizations (Practical Tips)
21.04 - Final Summary: The DevSecOps Transformation
22 - DevSecOps Certification
22.01 - Apply for the "Certified DevSecOps Practitioner" credential (Digital Badge) (1:54)
22.02 - How to promote your new DevSecOps skills
22.03 - Wishing you all the best 🩵
Teach online with
17.01 - Why Policy as Code (03:29)
Complete and Continue