Course Outline
Introduction to DevSecOps
- The importance of embedding security into the DevOps process.
- Key principles and practices of DevSecOps.
Continuous Integration (CI) Security
- Securing code repositories (GitLab integration with Jenkins).
- Automated code quality and security analysis using SonarQube.
- Implementing static code analysis as part of the Jenkins CI pipeline.
Container Security with Docker
- Creating secure Docker images.
- Managing Docker image repositories with Harbor.
- Best practices for vulnerability scanning and image version control.
Setting up Secure CI/CD Pipelines
- Configuring Jenkins for security integration.
- Running a SonarQube analysis.
- Generating and securing Docker images.
Securing the Deployment Process with Kubernetes
- Security practices for Kubernetes orchestration.
- The role of the Kubernetes Orchestrator in secure progressive deployment.
- Implementing RBAC (Role-Based Access Control) and securing service communication.
Integrating RabbitMQ, PostgreSQL, and MongoDB
- Securing communication between services.
- Data security practices for PostgreSQL and MongoDB.
- Hardening RabbitMQ for secure messaging.
Identity and Access Management with Keycloak
- Configuring Keycloak for user authentication and authorization.
- Managing identity for Kubernetes clusters.
Implementing Security in Kubernetes
- Deploying applications securely on Kubernetes.
- Integrating Keycloak with Docker and Kubernetes for identity management.
Monitoring and Auditing in DevSecOps
- Continuous monitoring tools and techniques.
- Auditing deployments and maintaining compliance.
- Practical guide to automating rollback on security failures.
Summary and Next Steps
Requirements
- Familiarity with the DevOps process.
- Basic working knowledge of Docker containers and Kubernetes orchestration.
Audience
- DevOps professionals.
Custom Corporate Training
Training solutions designed exclusively for businesses.
- Customized Content: We adapt the syllabus and practical exercises to the real goals and needs of your project.
- Flexible Schedule: Dates and times adapted to your team's agenda.
- Format: Online (live), In-company (at your offices), or Hybrid.
Price per private group, online live training, starting from 2600 € + VAT*
Contact us for an exact quote and to hear our latest promotions
Testimonials (2)
Craig was extremely involved in the training, always making sure we are paying attention, adapted the examples to our day-to-day activities and always provided an answer when asked, even if the information was not added in the presentation.
Ecaterina Ioana Nicoale - BOOKING HOLDINGS ROMANIA SRL
Course - DevOps Foundation®
real life examples
