Course Outline
Introduction to DevSecOps
- The critical importance of integrating security into the DevOps process.
- Core principles and best practices of DevSecOps.
Security in Continuous Integration (CI)
- Securing code repositories, including GitLab integration with Jenkins.
- Automated code quality and security analysis using SonarQube.
- Incorporating static code analysis into the Jenkins CI pipeline.
Container Security with Docker
- Building secure Docker images.
- Managing Docker image repositories via Harbor.
- Best practices for vulnerability scanning and image version control.
Establishing Secure CI/CD Pipelines
- Configuring Jenkins for robust security integration.
- Executing SonarQube analysis.
- Creating and securing Docker images.
Securing Deployment with Kubernetes
- Security best practices for Kubernetes orchestration.
- The role of the Kubernetes Orchestrator in enabling secure progressive deployments.
- Implementing RBAC (Role-Based Access Control) and securing service-to-service communication.
Integrating RabbitMQ, PostgreSQL, and MongoDB
- Ensuring secure communication between services.
- Data security protocols for PostgreSQL and MongoDB.
- Hardening RabbitMQ to support secure messaging.
Identity and Access Management with Keycloak
- Configuring Keycloak for user authentication and authorization.
- Managing identity within Kubernetes clusters.
Implementing Security in Kubernetes
- Deploying applications securely on Kubernetes.
- Integrating Keycloak with Docker and Kubernetes for comprehensive identity management.
Monitoring and Auditing in DevSecOps
- Continuous monitoring tools and techniques.
- Auditing deployments and maintaining regulatory compliance.
- Practical guidance on automating rollback procedures in the event of security failures.
Summary and Next Steps
Requirements
- Familiarity with the DevOps lifecycle and processes.
- Basic proficiency with Docker containers and Kubernetes orchestration.
Target Audience
- DevOps professionals.
Custom Corporate Training
Training solutions designed exclusively for businesses.
- Customized Content: We adapt the syllabus and practical exercises to the real goals and needs of your project.
- Flexible Schedule: Dates and times adapted to your team's agenda.
- Format: Online (live), In-company (at your offices), or Hybrid.
Price per private group, online live training, starting from 3200 € + VAT*
Contact us for an exact quote and to hear our latest promotions
Testimonials (2)
Craig was extremely involved in the training, always making sure we are paying attention, adapted the examples to our day-to-day activities and always provided an answer when asked, even if the information was not added in the presentation.
Ecaterina Ioana Nicoale - BOOKING HOLDINGS ROMANIA SRL
Course - DevOps Foundation®
real life examples