Price: 599 INR (8.00 USD) | Size: 2.52 GB | 1 DVD | Duration : 10.00+ Hours | BRAND: Expert TRAINING | ENGLISH | DOWNLOAD
 
Module I: Introduction to DevOps
 
Learn the basics of DevOps and SDLC (Software Development Life Cycle) processes, components required to implement a DevOps pipeline. Plan a pipeline for a web application and implement it for an on-premise setup involving virtual machines.
What is SDLC?
What is DevOps?
DevOps Building Blocks and Principles
Need of DevOps
What is Continuous Integration and Continuous Deployment?
Continuous Integration to Continuous Deployment to Continuous Delivery
Continuous Delivery vs Continuous Deployment
General workflow of CI/CD pipeline
Phases of DevOps Pipeline
Code Environment (IDE)
Version Control System (VCS)
Basics of Git VCS
Self Hosted VCS i.e. Gitlab, SCM
Publicly available VCS e.g. GitLab, GitHub, BitBucket
Building the Project
Manual Build vs Automated Build
Build Systems e.g. Maven, make, Dockerfile, Packer
Testing
Manual Testing vs Automated Testing
Automated Unit Testing e.g. JUnit, Pytest
Automated Functional Testing e.g. Selenium
Deployment
Manually creating the setup
Infrastructure as Code e.g. Ansible, Chef
Continuous Integration (CI)
Benefits of CI
CI solutions e.g. Jenkins, GitLab CI
Lab: Continuous Integration lab for Django Webapp
Monitoring
Importance of Monitoring
Monitoring with NagiOS
Concept and explanation what to monitor
Maintenance
Issue Tracking
Documentation
Case studies on DevOps Pipelines
Plan a DevOps Pipeline for a WebApp
Implement DevOps Pipeline for an on-premise model
Module II: DevSecOps: Adding Security to DevOps
This module is covered in Sessions 2 and 3 of the bootcamp.
 
Understand the secure SDLC and concept of integrating security in DevOps process, learn to perform threat modeling, identify the security components for the DevOps pipeline, install and configure the security tools to convert DevOps pipeline into DevSecOps pipeline. 
What is Secure SDLC?
Secure SDLC phases
DevSecOps Maturity Model (DSOMM)
Adding Security to DevOps
Phases of DevSecOps Pipeline
Threat modelling
What is Threat Modelling?
STRIDE vs DREAD approaches
Using ThreatSpec and BDD Security
Automated Code Review
What is Automated Code Review?
Using FindSecBugs, PMD, DevSkim tools
Sensitive Information Scan
What is Sensitive Information Scan?
Using Talisman, GitSecret, Trufflehog
Static Code Analysis (SAST)
What is SAST?
Using SonarQube, Graudit and Flawfinder
Dynamic Code Analysis (DAST)
What is DAST?
Using OWASP Zap, Arachini
Software Component Analysis
What is Software Component Analysis?
Using OWASP dependency check, Retire.js and Safety
Vulnerability Management and Vulnerability Assessment
What is Vulnerability Management and Vulnerability Assessment?
Using ArcherySec, DefectDojo, OpenVAS
Compliance as Code
What is Compliance as Code?
Using Inspec and Serverspec
Secret Management
Need for Secret Management
Using Hashicorp Vault, Torus
Case studies on DevSecOps Pipelines
Identify security components for the WebApp DevOps pipeline created in last session
Integrate the security components to form a DevSecOps pipeline
Module III: DevSecOps Pipelines on GitLab
Learn about GitLab CI fundamentals, configurations to create a DevSecOps pipeline on it. The GitLab can be hosted on-premise, in hosted service Gitlab.com and can also be installed on cloud infrastructure, making it a good choice for DevSecOps process.
Designing a DevOps Pipeline for a Django Web Application
Identifying the DevSecOps components to integrate
Introduction to GitLab CI
Writing gitlab-ci.yaml
Configuring Environment variables
Using secrets securely
Configuring Runners
Implementing Pipeline using GitLab CI
Integrating security tools