DevSecOps Certificate for George S Ngaiza
Certificate ID:
722367
Authentication Code:
c4eb8
Certified Person Name:
George S Ngaiza
Trainer Name:
Kumbulani Tshuma
Duration Days:
2
Duration Hours:
14
Course Name:
DevSecOps
Course Date:
2 June 2023 09:00 to 3 June 2023 16:00
Course Outline:
Day One:
Introduction
DevSecOps at a Glance
- CI (Continuous Integration) and CD (Continuous Delivery)
- Shifting security to the left, the DevOps way
DevSecOps Method Theories
- Security for DevOps technologies
- When and how security interacts with the application and the development lifecycle
- Shared ownership of security responsibilities and activities
Day Two:
DevSecOps with Jenkins
- Creating an agent
- Creating a pipeline job
- Using SYNK and SonarQube for SAST security scanning
- Using Arachini and OWASP-ZAP for DAST security scanning
- Using Anchore and Aqua MicroScanner for image security scanning
- Developing a DevSecOps pipeline
- Enabling CI and CD
Security Automation
- Automating security testing with Gaunit
- Running an automated attack
Application Security Automation
- Automating and refactoring XSS attack
- Automating SQLi attack
- Automating a fuzzer
- Testing security in software delivery pipelines
Summary and Conclusion