Bootcamp Curriculum
0 - Getting Started with the DevSecOps Bootcamp
Available in
days
days
after you enroll
- 0 - Tell us about you :)
- 1 - Why learn DevSecOps? (2:09)
- 2 - Pre-Requisites of Bootcamp (3:43)
- 3 - DevSecOps Bootcamp Curriculum Overview (27:45)
- 4 - Support and Other Bootcamp Materials (2:00)
- 5 - Recommended Learning Schedule
- 6 - Certified DevSecOps Practitioner - Applying for Digital Badge (1:29)
- 7 - Administrative FAQs
1 - Security Essentials
Available in
days
days
after you enroll
- 0 - Chapter Handout
- 1 - Introduction to Security (01:32)
- 2 - Importance of Security & Impact of Security Breaches (13:50)
- 3 - How to Secure Systems Against Attacks (03:47)
- 4 - Types of Security Attacks - Part 1 (19:53)
- 5 - Types of Security Attacks - Part 2 (20:13)
- 6 - OWASP top 10 - Part 1 (34:27)
- 7 - OWASP top 10 - Part 2 (24:29)
- 8 - Security in Layers (10:54)
2 - Introduction to DevSecOps
Available in
days
days
after you enroll
3 - Application Vulnerability Scanning
Available in
days
days
after you enroll
- 0 - Chapter Handout
- 1 - Build a Continuous Integration Pipeline (26:01)
- 2 - Impact of Missing Security Insights (03:01)
- 3 - Secret Scanning with GitLeaks - Local Environment (13:10)
- 4 - Pre-commit Hook for Secret Scanning & Integrating GitLeaks in CI Pipeline (19:47)
- 5 - False Positives & Fixing Security Vulnerabilities (16:23)
- 6 - Integrate SAST Scans in Release Pipeline (20:31)
4 - Vulnerability Management and Remediation
Available in
days
days
after you enroll
5 - Vulnerability Scanning for Application Dependencies
Available in
days
days
after you enroll
6 - Build a CD Pipeline
Available in
days
days
after you enroll
- 0 - Chapter Handout
- 1 - Overview of a CI/CD Pipeline (02:10)
- 2 - Introduction to Security Layers for AWS Access (08:18)
- 3 - Integrate CI/CD Pipeline with AWS ECR (19:38)
- 4 - Configure Application Deployment Environment on EC2 Server (08:39)
- 5 - Deploy Application to EC2 Server with Release Pipeline (15:46)
- 6 - Configure Self-Managed GitLab Runner for Pipeline Jobs (14:12)
- 7 - Build Application Images on Self-Managed Runner, Leverage Docker Caching (19:08)
7 - Image Scanning - Build Secure Docker Images
Available in
days
days
after you enroll
- 0 - Chapter Handout
- 1 - Overview of Image Security (01:22)
- 2 - Configure Automated Security Scanning in Application Image (14:00)
- 3 - Analyze & Fix Security Issues from Findings in Application Image (17:21)
- 4 - Automate Uploading Image Scanning Results in DefectDojo (08:37)
- 5 - Docker Security Best Practices (10:13)
- 6 - Configure Automated Image Security Scanning in ECR Image Repository (11:24)
- 7 - Overview of Automated Application Code and Image Scanning Steps (00:49)
8 - AWS Cloud Security & Access Management
Available in
days
days
after you enroll
- 0 - Chapter Handout
- 1 - AWS Security Essentials (07:12)
- 2 - Understand AWS Access Management using IAM Service (01:54)
- 3 - Securing AWS Root User Account (06:28)
- 4 - IAM Users, Groups & Policies (08:03)
- 5 - Secure Access from CI/CD Pipeline to AWS (15:39)
- 6 - Understand Importance of IAM Roles in AWS Cloud Security (05:08)
- 7 - Overview of IAM Resources & Secure Access Management in AWS (02:35)
9 - Secure Continuous Deployment & DAST
Available in
days
days
after you enroll
- 0 - Chapter Handout
- 1 - Security Essentials for Accessing Deployment Server (06:45)
- 2 - Configure AWS Systems Manager for EC2 Server (11:38)
- 3 - AWS SSM Commands in Release Pipeline for Server Access (12:24)
- 4 - Secure Continuous Deployment to Server using SSM (12:55)
- 5 - Secure Access to AWS with IAM Roles & Short-Lived Credentials (13:53)
- 6 - Overview of AWS Security Measures and Continuous Security Improvements (02:47)
- 7 - Understand Dynamic Application Security Testing (DAST) (08:33)
- 8 - Configure Automated DAST Scans in CI/CD Pipeline (22:21)
- 9 - Overview of Complete DevSecOps Pipeline with Static and Dynamic Security Scans (02:11)
10 - IaC and GitOps for DevSecOps
Available in
days
days
after you enroll
- 0 - Chapter Handout
- 1 - Understand Impact of IaC in Security & DevSecOps (07:26)
- 2 - Terraform Script for AWS Infrastructure Provisioning (18:53)
- 3 - Replace Manually Created Infrastructure with Automatically Provisioned Resources (08:39)
- 4 - Build CI/CD Pipeline for Infrastructure Code using GitOps Principles (13:17)
- 5 - Configure Remote State for Terraform (09:36)
- 6 - Add Automated Security Scan to TF Infrastructure Code (11:47)
- 7 - Understand IaC Concept "Cattle vs Pets" (03:10)
11 - Logging & Monitoring for Security
Available in
days
days
after you enroll
- 0 - Chapter Handout
- 1 - Understand Need for Logging and Monitoring in Security (04:27)
- 2 - Introduction to CloudTrail and CloudWatch (04:34)
- 3 - CloudTrail Event History (08:54)
- 4 - Configure Multi-Region Trail in CloudTrail & Forward Logs to CloudWatch (23:36)
- 5 - Create CloudWatch Alarm for EC2 Instance (18:56)
- 6 - Create Custom Metric Filter for Failed Login Metrics (09:59)
- 7 - Configure Alarm for Failed Login Attempts (10:43)
- 8 - Configure AWS Budgets for Monthly Usage Costs (06:36)
- 9 - Complete Bootcamp Part 1 - Next Steps (01:05)
12 - Introduction to Kubernetes Security
Available in
days
days
after you enroll
13 - Kubernetes Access Management with AWS EKS
Available in
days
days
after you enroll
- 13.0 - Chapter Handout
- 13.01 - Chapter Introduction (01:41)
- 13.02 - Role Based Access Control (RBAC) (17:06)
- 13.03 - IAM Roles and K8s Roles - How it works (11:13)
- 13.04 - Configure IAM Roles and link to K8s Roles in IaC (18:03)
- 13.05 - Configure K8s Role and ClusterRole in IaC (27:46)
- 13.06 - Review and Test Access (22:29)
- 13.07 - Summary & Wrap Up (02:55)
14 - Secure IaC Pipeline for EKS provisioning
Available in
days
days
after you enroll
- 14.0 - Chapter Handout
- 14.01 - Using GitLab OIDC in AWS (09:55)
- 14.02 - Configure Authentication with GitLab Identity Provider (11:51)
- 14.03 - Pipeline Configuration for establishing a secure connection (18:09)
- 14.04 - Terraform Configuration for EKS provisioning (22:43)
- 14.05 - Summary & Wrap Up (04:26)
15 - Bootstrapping clusters with EKS Blueprints
Available in
days
days
after you enroll
16 - Application Release Pipeline with ArgoCD
Available in
days
days
after you enroll
- 16.0 - Chapter Handout
- 16.01 - Chapter Overview (01:49)
- 16.02 - ArgoCD explained (Part 1) - What, Why and How (09:06)
- 16.03 - ArgoCD explained (Part 2) - Benefits and Configuration (18:39)
- 16.04 - Overview of CI/CD Pipelines to Git repositories (06:53)
- 16.05 - Configure ArgoCD in IaC (Deploy Argo - Part 1) (19:08)
- 16.06 - IaC Pipeline Configuration (Deploy Argo - Part 2) (10:19)
- 16.07 - Deployment through Pipeline and Access Argo UI (Deploy Argo - Part 3) (10:51)
- 16.08 - K8s Manifests for Microservices App using Kustomize (18:30)
- 16.09 - Create GitOps Pipeline to update Kustomization File (20:51)
- 16.10 - Create CI Pipeline that triggers GitOps Pipeline (08:26)
- 16.11 - See Whole Automated Workflow in Action 🚀 (07:03)
17 - Policy as Code with Open Policy Agent
Available in
days
days
after you enroll
- 17.0 - Chapter Handout
- 17.01 - Why Policy as Code (03:29)
- 17.02 - Introduction to Open Policy Agent (OPA) and OPA Gatekeeper (08:46)
- 17.03 - How Gatekeeper and OPA works (06:44)
- 17.04 - Install OPA Gatekeeper in Cluster (08:42)
- 17.05 - Defining Policies (06:22)
- 17.06 - Define Policy to reject NodePort Service (25:06)
- 17.07 - Define Policy to reject Privileged Containers (13:13)
- 17.08 - Summary (01:49)
- Take a break and Tell us how we did :)
18 - Secrets Management in Kubernetes
Available in
days
days
after you enroll
- 18.0 - Chapter Handout
- 18.01 - Why Secrets Manager are needed (08:28)
- 18.02 - Introduction to External Secrets Operator in K8s (03:15)
- 18.03 - Capabilities of Secrets Management Tools (02:44)
- 18.04 - Vault Capabilities (Vault Deep Dive Part 1) (05:59)
- 18.05 - How Vault works (Vault Deep Dive Part 2) (09:59)
- 18.06 - Introduction to AWS Secrets Manager (03:35)
- 18.07 - Deploy External Secrets Controller (Demo - Part 1) (11:36)
- 18.08 - Create SecretStore and ExternalSecret (Demo - Part 2) (16:24)
- 18.09 - Use Secret in Microservice (Demo - Part 3) (04:40)
19 - Service Mesh with Istio
Available in
days
days
after you enroll
- 19.0 - Chapter Handout
- 19.01 - Chapter and Demo Overview (01:43)
- 19.02 - Service Mesh and Istio - What, Why and How (15:47)
- 19.03 - Install Istio in K8s cluster (24:42)
- 19.04 - Configure Traffic Routing (21:05)
- 19.05 - Configure a Secure Gateway (14:29)
- 19.06 - mTLS Deep Dive (15:40)
- 19.07 - Authorization in Istio - Deep Dive (11:00)
- 19.08 - Istio Policies vs K8s Network Policies (04:59)
- 19.09 - Configure Authorization Policies (20:59)
- 19.10 - Wrap Up (01:25)
20 - Compliance as Code
Available in
days
days
after you enroll
- 20.0 - Chapter Handout
- 20.01 - What is Compliance
- 20.02 - What are CIS Benchmarks
- 20.03 - Why Compliance as Code
- 20.04 - Demo Overview and Introduction to AWS Config
- 20.05 - Setting up AWS Config Rules
- 20.06 - Configure Auto-Remediation for Insecure Security Groups for EC2 Instances
- 20.07 - Configure Auto-Remediation for CloudTrail Logging, if switched off
- 20.08 - Configure Compliance Rules for AWS EKS Service
- 20.09 - Wrap Up
21 - How to Introduce DevSecOps in Organizations
Available in
days
days
after you enroll
22 - DevSecOps Certification
Available in
days
days
after you enroll