Этот материал находится в платной подписке. Оформи премиум подписку и смотри или слушай DevSecOps Bootcamp, а также все другие курсы, прямо сейчас!
Премиум
  1. Урок 1. 00:02:10
    1 - Why learn DevSecOps?
  2. Урок 2. 00:03:44
    2 - Pre-Requisites of Bootcamp
  3. Урок 3. 00:26:18
    3 - DevSecOps Bootcamp Curriculum Overview
  4. Урок 4. 00:02:01
    4 - Support and Other Bootcamp Materials
  5. Урок 5. 00:01:30
    5 - Certified DevSecOps Practitioner - Applying for Digital Badge
  6. Урок 6. 00:01:33
    1 - Introduction to Security (1 - Security Essentials)
  7. Урок 7. 00:13:54
    2 - Importance of Security & Impact of Security Breaches
  8. Урок 8. 00:03:49
    3 - How to Secure Systems Against Attacks
  9. Урок 9. 00:19:59
    4 - Types of Security Attacks - Part 1
  10. Урок 10. 00:20:15
    5 - Types of Security Attacks - Part 2
  11. Урок 11. 00:34:27
    6 - OWASP top 10 - Part 1
  12. Урок 12. 00:24:33
    7 - OWASP top 10 - Part 2
  13. Урок 13. 00:10:55
    8 - Security in Layers
  14. Урок 14. 00:11:47
    1 - Issues with Traditional Approach to Security (2 - Introduction to DevSecOps)
  15. Урок 15. 00:13:44
    2 - Understand DevSecOps
  16. Урок 16. 00:09:07
    3 - Roles & Responsibilities in DevSecOps
  17. Урок 17. 00:26:03
    1 - Build a Continuous Integration Pipeline (3 - Application Vulnerability Scanning)
  18. Урок 18. 00:03:01
    2 - Impact of Missing Security Insights
  19. Урок 19. 00:13:11
    3 - Secret Scanning with GitLeaks - Local Environment
  20. Урок 20. 00:19:47
    4 - Pre-commit Hook for Secret Scanning & Integrating GitLeaks in CI Pipeline
  21. Урок 21. 00:16:24
    5 - False Positives & Fixing Security Vulnerabilities
  22. Урок 22. 00:20:31
    6 - Integrate SAST Scans in Release Pipeline
  23. Урок 23. 00:09:20
    1 - Generate Security Scanning Reports (4 - Vulnerability Management and Remediation)
  24. Урок 24. 00:25:20
    2 - Introduction to DefectDojo, Managing Security Findings, CWEs
  25. Урок 25. 00:29:01
    3 - Automate Uploading Security Scan Results to DefectDojo
  26. Урок 26. 00:16:18
    4 - Fix Security Issues Discovered in the DevSecOps Pipeline
  27. Урок 27. 00:15:06
    1 - Software Composition Analysis - Security Issues in Application Dependencies (5 - Vulnerability Scanning for Application Dependencies)
  28. Урок 28. 00:09:58
    2 - Import SCA Scan Reports in DefectDojo, Fixing SCA Findings, CVEs
  29. Урок 29. 00:00:58
    3 - Overview of Static Security Scans in CI Pipeline
  30. Урок 30. 00:02:11
    1 - Overview of a CICD Pipeline (6 - Build a CD Pipeline)
  31. Урок 31. 00:08:17
    2 - Introduction to Security Layers for AWS Access
  32. Урок 32. 00:19:38
    3 - Integrate CICD Pipeline with AWS ECR
  33. Урок 33. 00:08:40
    4 - Configure Application Deployment Environment on EC2 Server
  34. Урок 34. 00:15:51
    5 - Deploy Application to EC2 Server with Release Pipeline
  35. Урок 35. 00:14:14
    6 - Configure Self-Managed GitLab Runner for Pipeline Jobs
  36. Урок 36. 00:19:12
    7 - Build Application Images on Self-Managed Runner, Leverage Docker Caching
  37. Урок 37. 00:01:23
    1 - Overview of Image Security (7 - Image Scanning - Build Secure Docker Images)
  38. Урок 38. 00:14:02
    2 - Configure Automated Security Scanning in Application Image
  39. Урок 39. 00:17:22
    3 - Analyze & Fix Security Issues from Findings in Application Image
  40. Урок 40. 00:08:38
    4 - Automate Uploading Image Scanning Results in DefectDojo
  41. Урок 41. 00:10:15
    5 - Docker Security Best Practices
  42. Урок 42. 00:11:24
    6 - Configure Automated Image Security Scanning in ECR Image Repository
  43. Урок 43. 00:00:50
    7 - Overview of Automated Application Code and Image Scanning Steps
  44. Урок 44. 00:07:12
    1 - AWS Security Essentials (8 - AWS Cloud Security & Access Management)
  45. Урок 45. 00:01:56
    2 - Understand AWS Access Management using IAM Service
  46. Урок 46. 00:06:30
    3 - Securing AWS Root User Account
  47. Урок 47. 00:08:05
    4 - IAM Users, Groups & Policies
  48. Урок 48. 00:15:41
    5 - Secure Access from CICD Pipeline to AWS
  49. Урок 49. 00:05:08
    6 - Understand Importance of IAM Roles in AWS Cloud Security
  50. Урок 50. 00:02:36
    7 - Overview of IAM Resources & Secure Access Management in AWS
  51. Урок 51. 00:06:47
    1 - Security Essentials for Accessing Deployment Server (9 - Secure Continuous Deployment & DAST)
  52. Урок 52. 00:11:40
    2 - Configure AWS Systems Manager for EC2 Server
  53. Урок 53. 00:12:25
    3 - AWS SSM Commands in Release Pipeline for Server Access
  54. Урок 54. 00:12:56
    4 - Secure Continuous Deployment to Server using SSM
  55. Урок 55. 00:13:55
    5 - Secure Access to AWS with IAM Roles & Short-Lived Credentials
  56. Урок 56. 00:02:48
    6 - Overview of AWS Security Measures and Continuous Security Improvements
  57. Урок 57. 00:08:34
    7 - Understand Dynamic Application Security Testing (DAST)
  58. Урок 58. 00:22:21
    8 - Configure Automated DAST Scans in CICD Pipeline
  59. Урок 59. 00:02:14
    9 - Overview of Complete DevSecOps Pipeline with Static and Dynamic Security Scans
  60. Урок 60. 00:07:28
    1 - Understand Impact of IaC in Security & DevSecOps (10 - IaC and GitOps for DevSecOps)
  61. Урок 61. 00:18:56
    2 - Terraform Script for AWS Infrastructure Provisioning
  62. Урок 62. 00:08:40
    3 - Replace Manually Created Infrastructure with Automatically Provisioned Resources
  63. Урок 63. 00:13:19
    4 - Build CICD Pipeline for Infrastructure Code using GitOps Principles
  64. Урок 64. 00:09:37
    5 - Configure Remote State for Terraform
  65. Урок 65. 00:11:48
    6 - Add Automated Security Scan to TF Infrastructure Code
  66. Урок 66. 00:03:11
    7 - Understand IaC Concept Cattle vs Pets
  67. Урок 67. 00:04:31
    1 - Understand Need for Logging and Monitoring in Security (11 - Logging & Monitoring for Security)
  68. Урок 68. 00:04:33
    2 - Introduction to CloudTrail and CloudWatch
  69. Урок 69. 00:08:56
    3 - CloudTrail Event History
  70. Урок 70. 00:23:37
    4 - Configure Multi-Region Trail in CloudTrail & Forward Logs to CloudWatch
  71. Урок 71. 00:18:58
    5 - Create CloudWatch Alarm for EC2 Instance
  72. Урок 72. 00:10:00
    6 - Create Custom Metric Filter for Failed Login Metrics
  73. Урок 73. 00:10:45
    7 - Configure Alarm for Failed Login Attempts
  74. Урок 74. 00:06:38
    8 - Configure AWS Budgets for Monthly Usage Costs
  75. Урок 75. 00:01:06
    9 - Complete Bootcamp Part 1 - Next Steps
  76. Урок 76. 00:05:01
    12.1-Kubernetes-Security-Overview
  77. Урок 77. 00:24:47
    12.2-Kubernetes-Security-Best-Practices
  78. Урок 78. 00:22:09
    12.3-Provision-AWS-EKS-Cluster
  79. Урок 79. 00:01:40
    13.1-Chapter-Introduction
  80. Урок 80. 00:17:04
    13.2-Role-Based-Access-Control-_RBAC_
  81. Урок 81. 00:11:13
    13.3-IAM-Roles-and-K8s-Roles-How-it-works
  82. Урок 82. 00:18:02
    13.4-Configure-IAM-Roles-and-link-to-K8s-Roles-in-IaC
  83. Урок 83. 00:27:46
    13.5-Configure-K8s-Role-and-ClusterRole-in-IaC
  84. Урок 84. 00:22:27
    13.6-Review-and-Test-Access
  85. Урок 85. 00:02:54
    13.7-Summary-_-Wrap-Up
  86. Урок 86. 00:09:54
    14.1-Using-GitLab-OIDC-in-AWS
  87. Урок 87. 00:11:50
    14.2-Configure-Authentication-with-GitLab-Identity-Provider
  88. Урок 88. 00:18:08
    14.3-Pipeline-Configuration-for-establishing-a-secure-connection
  89. Урок 89. 00:22:42
    14.4-Terraform-Configuration-for-EKS-provisioning
  90. Урок 90. 00:04:25
    14.5-Summary-_-Wrap-Up
  91. Урок 91. 00:03:33
    15.1-Introduction-to-EKS-Blueprints
  92. Урок 92. 00:09:27
    15.2-Overview-of-EKS-Add-ons-we-install
  93. Урок 93. 00:14:59
    15.3-Configure-EKS-Add-ons
  94. Урок 94. 00:11:10
    15.4-Troubleshooting-_-Tuning-Autoscaler
  95. Урок 95. 00:02:00
    15.5-Access-Token-Expiration
  96. Урок 96. 00:01:48
    16.1-Chapter-Overview
  97. Урок 97. 00:09:05
    16.2-ArgoCD-explained-_Part-1_-What_-Why-and-How
  98. Урок 98. 00:18:38
    16.3-ArgoCD-explained-_Part-2_-Benefits-and-Configuration
  99. Урок 99. 00:06:52
    16.4-Overview-of-CI-or-CD-Pipelines-to-Git-repositories
  100. Урок 100. 00:19:08
    16.5-Configure-ArgoCD-in-IaC-_Deploy-Argo-Part-1_
  101. Урок 101. 00:10:18
    16.6-IaC-Pipeline-Configuration-_Deploy-Argo-Part-2_
  102. Урок 102. 00:10:50
    16.7-Deployment-through-Pipeline-and-Access-Argo-UI-_Deploy-Argo-Part-3_
  103. Урок 103. 00:18:31
    16.8-K8s-Manifests-for-Microservices-App-using-Kustomize
  104. Урок 104. 00:20:51
    16.9-Create-GitOps-Pipeline-to-update-Kustomization-File
  105. Урок 105. 00:08:25
    16.10-Create-CI-Pipeline-that-triggers-GitOps-Pipeline
  106. Урок 106. 00:07:02
    16.11-See-Whole-Automated-Workflow-in-Action
  107. Урок 107. 00:03:29
    17.1-Why-Policy-as-Code
  108. Урок 108. 00:08:46
    17.2-Introduction-to-Open-Policy-Agent-_OPA_-and-OPA-Gatekeeper
  109. Урок 109. 00:06:44
    17.3-How-Gatekeeper-and-OPA-works
  110. Урок 110. 00:08:41
    17.4-Install-OPA-Gatekeeper-in-Cluster
  111. Урок 111. 00:06:22
    17.5-Defining-Policies
  112. Урок 112. 00:25:06
    17.6-Define-Policy-to-reject-NodePort-Service
  113. Урок 113. 00:13:12
    17.7-Define-Policy-to-reject-Privileged-Containers
  114. Урок 114. 00:01:48
    17.8-Summary
  115. Урок 115. 00:08:28
    18.1-Why-Secrets-Manager-are-needed
  116. Урок 116. 00:03:15
    18.2-Introduction-to-External-Secrets-Operator-in-K8s
  117. Урок 117. 00:02:43
    18.3-Capabilities-of-Secrets-Management-Tools
  118. Урок 118. 00:05:59
    18.4-Vault-Capabilities-_Vault-Deep-Dive-Part-1_
  119. Урок 119. 00:09:59
    18.5-How-Vault-works-_Vault-Deep-Dive-Part-2_
  120. Урок 120. 00:03:35
    18.6-Introduction-to-AWS-Secrets-Manager
  121. Урок 121. 00:11:36
    18.7-Deploy-External-Secrets-Controller-_Demo-Part-1_
  122. Урок 122. 00:16:24
    18.8-Create-SecretStore-and-ExternalSecret
  123. Урок 123. 00:04:40
    18.9-Use-Secret-in-Microservice-_Demo-Part-3_
  124. Урок 124. 00:01:42
    19.1-Chapter-and-Demo-Overview
  125. Урок 125. 00:15:47
    19.2-Service-Mesh-and-Istio-What_-Why-and-How
  126. Урок 126. 00:24:42
    19.3-Install-Istio-in-K8s-cluster
  127. Урок 127. 00:21:05
    19.4-Configure-Traffic-Routing
  128. Урок 128. 00:14:29
    19.5-Configure-a-Secure-Gateway
  129. Урок 129. 00:15:40
    19.6-mTLS-Deep-Dive
  130. Урок 130. 00:11:00
    19.7-Authorization-in-Istio-Deep-Dive
  131. Урок 131. 00:04:59
    19.8-Istio-Policies-vs-K8s-Network-Policies
  132. Урок 132. 00:20:59
    19.9-Configure-Authorization-Policies
  133. Урок 133. 00:01:24
    19.10-Wrap-Up
  134. Урок 134. 00:03:40
    20.1-What-is-Compliance
  135. Урок 135. 00:04:17
    20.2-What-are-CIS-Benchmarks
  136. Урок 136. 00:02:05
    20.3-Why-Compliance-as-Code
  137. Урок 137. 00:05:12
    20.4-Demo-Overview-and-Introduction-to-AWS-Config
  138. Урок 138. 00:13:37
    20.5-Setting-up-AWS-Config-Rules
  139. Урок 139. 00:17:00
    20.6-Configure-Auto-Remediation-for-Insecure-Security-Groups-for-EC2-Instances
  140. Урок 140. 00:07:31
    20.7-Configure-Auto-Remediation-for-CloudTrail-Logging_-if-switched-off
  141. Урок 141. 00:10:24
    20.8-Configure-Compliance-Rules-for-AWS-EKS-Service
  142. Урок 142. 00:01:41
    20.9-Wrap-Up
  143. Урок 143. 00:02:34
    21.1-Why-DevSecOps-is-Important
  144. Урок 144. 00:06:41
    21.2-Driving-Cultural-Change-Real-World-Examples-of-Companies
  145. Урок 145. 00:12:28
    21.3-How-to-start-implementing-DevSecOps-in-Organizations-_Practical-Tips_
  146. Урок 146. 00:07:04
    21.4-Final-Summary.-The-DevSecOps-Transformation
  147. Урок 147. 00:01:55
    22.-Apply-for-the-Certified-DevSecOps-Practitioner-credential-_Digital-Badge_