DevOps Security Table of Contents

Table of Content


Integrate Security within DevOps

  • Integrate Security for a DevOps World
  • Risk Management in a Rapidly Changing World
  • Key Principles and Benefits of Secure DevOps
  • Business-Driven Security Strategies
  • OWASP Security Guidelines

Applying Shift Left Security Approach

  • Integrating Security Into CI/CD Pipeline
  • Automated Security Testing
  • Tools of the Trade
  • Red and Blue Teams

Securing Development Practices

  • Security Requirements
  • Architectural Considerations
  • Threat Modeling, Data Flow Diagrams, and Attack Surface
  • Identity and Access Management
  • Code Inspection
  • Environment Hardening

Security Verification in the Pipeline

  • What Is Static Application Security Testing?
  • Embed SAST into the CI/CD Pipeline
  • What Is Dynamic Application Security Testing?
  • Embed DAST Into the Pipeline
  • Runtime Application Self-Protection (RASP) versus Interactive Application Security Testing (IAST)
  • Software Composition Analysis

Deploy Secure Software

  • Infrastructure as Code
  • Key Management and Identity Management
  • Chaos Monkey and Fuzz Testing

Security in System Monitoring

  • Security Monitoring
  • Governance, Risk, Compliance and Audit
  • Incident Response and Forensics

Apply for Certification

 For Support