Этот материал находится в платной подписке. Оформи премиум подписку и смотри или слушай DevSecOps Bootcamp, а также все другие курсы, прямо сейчас!
Купить сейчас
  • Урок 1. 00:02:10
    1 - Why learn DevSecOps?
  • Урок 2. 00:03:44
    2 - Pre-Requisites of Bootcamp
  • Урок 3. 00:26:18
    3 - DevSecOps Bootcamp Curriculum Overview
  • Урок 4. 00:02:01
    4 - Support and Other Bootcamp Materials
  • Урок 5. 00:01:30
    5 - Certified DevSecOps Practitioner - Applying for Digital Badge
  • Урок 6. 00:01:33
    1 - Introduction to Security (1 - Security Essentials)
  • Урок 7. 00:13:54
    2 - Importance of Security & Impact of Security Breaches
  • Урок 8. 00:03:49
    3 - How to Secure Systems Against Attacks
  • Урок 9. 00:19:59
    4 - Types of Security Attacks - Part 1
  • Урок 10. 00:20:15
    5 - Types of Security Attacks - Part 2
  • Урок 11. 00:34:27
    6 - OWASP top 10 - Part 1
  • Урок 12. 00:24:33
    7 - OWASP top 10 - Part 2
  • Урок 13. 00:10:55
    8 - Security in Layers
  • Урок 14. 00:11:47
    1 - Issues with Traditional Approach to Security (2 - Introduction to DevSecOps)
  • Урок 15. 00:13:44
    2 - Understand DevSecOps
  • Урок 16. 00:09:07
    3 - Roles & Responsibilities in DevSecOps
  • Урок 17. 00:26:03
    1 - Build a Continuous Integration Pipeline (3 - Application Vulnerability Scanning)
  • Урок 18. 00:03:01
    2 - Impact of Missing Security Insights
  • Урок 19. 00:13:11
    3 - Secret Scanning with GitLeaks - Local Environment
  • Урок 20. 00:19:47
    4 - Pre-commit Hook for Secret Scanning & Integrating GitLeaks in CI Pipeline
  • Урок 21. 00:16:24
    5 - False Positives & Fixing Security Vulnerabilities
  • Урок 22. 00:20:31
    6 - Integrate SAST Scans in Release Pipeline
  • Урок 23. 00:09:20
    1 - Generate Security Scanning Reports (4 - Vulnerability Management and Remediation)
  • Урок 24. 00:25:20
    2 - Introduction to DefectDojo, Managing Security Findings, CWEs
  • Урок 25. 00:29:01
    3 - Automate Uploading Security Scan Results to DefectDojo
  • Урок 26. 00:16:18
    4 - Fix Security Issues Discovered in the DevSecOps Pipeline
  • Урок 27. 00:15:06
    1 - Software Composition Analysis - Security Issues in Application Dependencies (5 - Vulnerability Scanning for Application Dependencies)
  • Урок 28. 00:09:58
    2 - Import SCA Scan Reports in DefectDojo, Fixing SCA Findings, CVEs
  • Урок 29. 00:00:58
    3 - Overview of Static Security Scans in CI Pipeline
  • Урок 30. 00:02:11
    1 - Overview of a CICD Pipeline (6 - Build a CD Pipeline)
  • Урок 31. 00:08:17
    2 - Introduction to Security Layers for AWS Access
  • Урок 32. 00:19:38
    3 - Integrate CICD Pipeline with AWS ECR
  • Урок 33. 00:08:40
    4 - Configure Application Deployment Environment on EC2 Server
  • Урок 34. 00:15:51
    5 - Deploy Application to EC2 Server with Release Pipeline
  • Урок 35. 00:14:14
    6 - Configure Self-Managed GitLab Runner for Pipeline Jobs
  • Урок 36. 00:19:12
    7 - Build Application Images on Self-Managed Runner, Leverage Docker Caching
  • Урок 37. 00:01:23
    1 - Overview of Image Security (7 - Image Scanning - Build Secure Docker Images)
  • Урок 38. 00:14:02
    2 - Configure Automated Security Scanning in Application Image
  • Урок 39. 00:17:22
    3 - Analyze & Fix Security Issues from Findings in Application Image
  • Урок 40. 00:08:38
    4 - Automate Uploading Image Scanning Results in DefectDojo
  • Урок 41. 00:10:15
    5 - Docker Security Best Practices
  • Урок 42. 00:11:24
    6 - Configure Automated Image Security Scanning in ECR Image Repository
  • Урок 43. 00:00:50
    7 - Overview of Automated Application Code and Image Scanning Steps
  • Урок 44. 00:07:12
    1 - AWS Security Essentials (8 - AWS Cloud Security & Access Management)
  • Урок 45. 00:01:56
    2 - Understand AWS Access Management using IAM Service
  • Урок 46. 00:06:30
    3 - Securing AWS Root User Account
  • Урок 47. 00:08:05
    4 - IAM Users, Groups & Policies
  • Урок 48. 00:15:41
    5 - Secure Access from CICD Pipeline to AWS
  • Урок 49. 00:05:08
    6 - Understand Importance of IAM Roles in AWS Cloud Security
  • Урок 50. 00:02:36
    7 - Overview of IAM Resources & Secure Access Management in AWS
  • Урок 51. 00:06:47
    1 - Security Essentials for Accessing Deployment Server (9 - Secure Continuous Deployment & DAST)
  • Урок 52. 00:11:40
    2 - Configure AWS Systems Manager for EC2 Server
  • Урок 53. 00:12:25
    3 - AWS SSM Commands in Release Pipeline for Server Access
  • Урок 54. 00:12:56
    4 - Secure Continuous Deployment to Server using SSM
  • Урок 55. 00:13:55
    5 - Secure Access to AWS with IAM Roles & Short-Lived Credentials
  • Урок 56. 00:02:48
    6 - Overview of AWS Security Measures and Continuous Security Improvements
  • Урок 57. 00:08:34
    7 - Understand Dynamic Application Security Testing (DAST)
  • Урок 58. 00:22:21
    8 - Configure Automated DAST Scans in CICD Pipeline
  • Урок 59. 00:02:14
    9 - Overview of Complete DevSecOps Pipeline with Static and Dynamic Security Scans
  • Урок 60. 00:07:28
    1 - Understand Impact of IaC in Security & DevSecOps (10 - IaC and GitOps for DevSecOps)
  • Урок 61. 00:18:56
    2 - Terraform Script for AWS Infrastructure Provisioning
  • Урок 62. 00:08:40
    3 - Replace Manually Created Infrastructure with Automatically Provisioned Resources
  • Урок 63. 00:13:19
    4 - Build CICD Pipeline for Infrastructure Code using GitOps Principles
  • Урок 64. 00:09:37
    5 - Configure Remote State for Terraform
  • Урок 65. 00:11:48
    6 - Add Automated Security Scan to TF Infrastructure Code
  • Урок 66. 00:03:11
    7 - Understand IaC Concept Cattle vs Pets
  • Урок 67. 00:04:31
    1 - Understand Need for Logging and Monitoring in Security (11 - Logging & Monitoring for Security)
  • Урок 68. 00:04:33
    2 - Introduction to CloudTrail and CloudWatch
  • Урок 69. 00:08:56
    3 - CloudTrail Event History
  • Урок 70. 00:23:37
    4 - Configure Multi-Region Trail in CloudTrail & Forward Logs to CloudWatch
  • Урок 71. 00:18:58
    5 - Create CloudWatch Alarm for EC2 Instance
  • Урок 72. 00:10:00
    6 - Create Custom Metric Filter for Failed Login Metrics
  • Урок 73. 00:10:45
    7 - Configure Alarm for Failed Login Attempts
  • Урок 74. 00:06:38
    8 - Configure AWS Budgets for Monthly Usage Costs
  • Урок 75. 00:01:06
    9 - Complete Bootcamp Part 1 - Next Steps
  • Урок 76. 00:05:01
    12.1-Kubernetes-Security-Overview
  • Урок 77. 00:24:47
    12.2-Kubernetes-Security-Best-Practices
  • Урок 78. 00:22:09
    12.3-Provision-AWS-EKS-Cluster
  • Урок 79. 00:01:40
    13.1-Chapter-Introduction
  • Урок 80. 00:17:04
    13.2-Role-Based-Access-Control-_RBAC_
  • Урок 81. 00:11:13
    13.3-IAM-Roles-and-K8s-Roles-How-it-works
  • Урок 82. 00:18:02
    13.4-Configure-IAM-Roles-and-link-to-K8s-Roles-in-IaC
  • Урок 83. 00:27:46
    13.5-Configure-K8s-Role-and-ClusterRole-in-IaC
  • Урок 84. 00:22:27
    13.6-Review-and-Test-Access
  • Урок 85. 00:02:54
    13.7-Summary-_-Wrap-Up
  • Урок 86. 00:09:54
    14.1-Using-GitLab-OIDC-in-AWS
  • Урок 87. 00:11:50
    14.2-Configure-Authentication-with-GitLab-Identity-Provider
  • Урок 88. 00:18:08
    14.3-Pipeline-Configuration-for-establishing-a-secure-connection
  • Урок 89. 00:22:42
    14.4-Terraform-Configuration-for-EKS-provisioning
  • Урок 90. 00:04:25
    14.5-Summary-_-Wrap-Up
  • Урок 91. 00:03:33
    15.1-Introduction-to-EKS-Blueprints
  • Урок 92. 00:09:27
    15.2-Overview-of-EKS-Add-ons-we-install
  • Урок 93. 00:14:59
    15.3-Configure-EKS-Add-ons
  • Урок 94. 00:11:10
    15.4-Troubleshooting-_-Tuning-Autoscaler
  • Урок 95. 00:02:00
    15.5-Access-Token-Expiration
  • Урок 96. 00:01:48
    16.1-Chapter-Overview
  • Урок 97. 00:09:05
    16.2-ArgoCD-explained-_Part-1_-What_-Why-and-How
  • Урок 98. 00:18:38
    16.3-ArgoCD-explained-_Part-2_-Benefits-and-Configuration
  • Урок 99. 00:06:52
    16.4-Overview-of-CI-or-CD-Pipelines-to-Git-repositories
  • Урок 100. 00:19:08
    16.5-Configure-ArgoCD-in-IaC-_Deploy-Argo-Part-1_
  • Урок 101. 00:10:18
    16.6-IaC-Pipeline-Configuration-_Deploy-Argo-Part-2_
  • Урок 102. 00:10:50
    16.7-Deployment-through-Pipeline-and-Access-Argo-UI-_Deploy-Argo-Part-3_
  • Урок 103. 00:18:31
    16.8-K8s-Manifests-for-Microservices-App-using-Kustomize
  • Урок 104. 00:20:51
    16.9-Create-GitOps-Pipeline-to-update-Kustomization-File
  • Урок 105. 00:08:25
    16.10-Create-CI-Pipeline-that-triggers-GitOps-Pipeline
  • Урок 106. 00:07:02
    16.11-See-Whole-Automated-Workflow-in-Action
  • Урок 107. 00:03:29
    17.1-Why-Policy-as-Code
  • Урок 108. 00:08:46
    17.2-Introduction-to-Open-Policy-Agent-_OPA_-and-OPA-Gatekeeper
  • Урок 109. 00:06:44
    17.3-How-Gatekeeper-and-OPA-works
  • Урок 110. 00:08:41
    17.4-Install-OPA-Gatekeeper-in-Cluster
  • Урок 111. 00:06:22
    17.5-Defining-Policies
  • Урок 112. 00:25:06
    17.6-Define-Policy-to-reject-NodePort-Service
  • Урок 113. 00:13:12
    17.7-Define-Policy-to-reject-Privileged-Containers
  • Урок 114. 00:01:48
    17.8-Summary
  • Урок 115. 00:08:28
    18.1-Why-Secrets-Manager-are-needed
  • Урок 116. 00:03:15
    18.2-Introduction-to-External-Secrets-Operator-in-K8s
  • Урок 117. 00:02:43
    18.3-Capabilities-of-Secrets-Management-Tools
  • Урок 118. 00:05:59
    18.4-Vault-Capabilities-_Vault-Deep-Dive-Part-1_
  • Урок 119. 00:09:59
    18.5-How-Vault-works-_Vault-Deep-Dive-Part-2_
  • Урок 120. 00:03:35
    18.6-Introduction-to-AWS-Secrets-Manager
  • Урок 121. 00:11:36
    18.7-Deploy-External-Secrets-Controller-_Demo-Part-1_
  • Урок 122. 00:16:24
    18.8-Create-SecretStore-and-ExternalSecret
  • Урок 123. 00:04:40
    18.9-Use-Secret-in-Microservice-_Demo-Part-3_
  • Урок 124. 00:01:42
    19.1-Chapter-and-Demo-Overview
  • Урок 125. 00:15:47
    19.2-Service-Mesh-and-Istio-What_-Why-and-How
  • Урок 126. 00:24:42
    19.3-Install-Istio-in-K8s-cluster
  • Урок 127. 00:21:05
    19.4-Configure-Traffic-Routing
  • Урок 128. 00:14:29
    19.5-Configure-a-Secure-Gateway
  • Урок 129. 00:15:40
    19.6-mTLS-Deep-Dive
  • Урок 130. 00:11:00
    19.7-Authorization-in-Istio-Deep-Dive
  • Урок 131. 00:04:59
    19.8-Istio-Policies-vs-K8s-Network-Policies
  • Урок 132. 00:20:59
    19.9-Configure-Authorization-Policies
  • Урок 133. 00:01:24
    19.10-Wrap-Up
  • Урок 134. 00:03:40
    20.1-What-is-Compliance
  • Урок 135. 00:04:17
    20.2-What-are-CIS-Benchmarks
  • Урок 136. 00:02:05
    20.3-Why-Compliance-as-Code
  • Урок 137. 00:05:12
    20.4-Demo-Overview-and-Introduction-to-AWS-Config
  • Урок 138. 00:13:37
    20.5-Setting-up-AWS-Config-Rules
  • Урок 139. 00:17:00
    20.6-Configure-Auto-Remediation-for-Insecure-Security-Groups-for-EC2-Instances
  • Урок 140. 00:07:31
    20.7-Configure-Auto-Remediation-for-CloudTrail-Logging_-if-switched-off
  • Урок 141. 00:10:24
    20.8-Configure-Compliance-Rules-for-AWS-EKS-Service
  • Урок 142. 00:01:41
    20.9-Wrap-Up
  • Урок 143. 00:02:34
    21.1-Why-DevSecOps-is-Important
  • Урок 144. 00:06:41
    21.2-Driving-Cultural-Change-Real-World-Examples-of-Companies
  • Урок 145. 00:12:28
    21.3-How-to-start-implementing-DevSecOps-in-Organizations-_Practical-Tips_
  • Урок 146. 00:07:04
    21.4-Final-Summary.-The-DevSecOps-Transformation
  • Урок 147. 00:01:55
    22.-Apply-for-the-Certified-DevSecOps-Practitioner-credential-_Digital-Badge_