Course Information
Registration period
Year-round Recruitment
Course Level
Study Mode
Duration
1 Hour(s) 53 Minute(s)
Language
English
Taught by
Ravi Teja K
Rating
Course Overview
Secure applications by integrating SAST, DAST, SCA, and secrets scanning into your CI/CD pipelines.
In today’s fast-paced DevOps world, security cannot be an afterthought. This hands-on DevSecOps course is designed to teach you how to embed security into your CI/CD pipelines from Day 1.
You’ll learn how to build a complete DevSecOps pipeline using Jenkins, Docker, and GitHub, integrating powerful open-source automation tools such as:
SonarQube for Static Application Security Testing (SAST)
OWASP ZAP for Dynamic Application Security Testing (DAST)
OWASP Dependency-Check for Software Composition Analysis (SCA)
Trivy for container vulnerability scanning
This course is packed with real-world vulnerable Java applications, and we walk you step-by-step through scanning, reporting, interpreting results, and fixing vulnerabilities.
Whether you're a student, developer, DevOps engineer, or aspiring cybersecurity professional, this course gives you hands-on experience and practical skills in building secure pipelines without relying on expensive enterprise tools.
By the end of this course, you’ll understand how to shift security left, integrate security gates into CI/CD workflows, and automate security testing as part of the everyday development. No prior security experience is needed, just a passion for building secure, modern, production-ready applications that stand strong against real time threats.
Get ready to take your DevOps skills to the next level by mastering the security layer every team needs.
Course Content
- 8 section(s)
- 15 lecture(s)
- Section 1 Introduction to DevSecOps
- Section 2 Secure Software Development Lifecycle
- Section 3 DevSecOps Toolchain Overview
- Section 4 Automating Code Security
- Section 5 Dynamic Application Security Testing
- Section 6 Securing Containers
- Section 7 Jenkins and CI/CD Security
- Section 8 Storing Credentials and keys securely
What You’ll Learn
- Set up a complete DevSecOps pipeline from scratch using Jenkins, integrating security tools like SAST, SCA, Container Scanning, DAST., Scan real-world Java applications for vulnerabilities and insecure dependencies with open-source tools and interpret reports to identify and fix security issues, Automate security testing in CI/CD workflows by building and deploying secure-by-design apps with shift-left security practices and hands-on DevOps pipelines., Gain practical experience securing modern applications using Docker, GitHub, and open-source tools without relying on enterprise licenses or cloud dependencies
Skills covered in this course
Reviews
-
AAlon Alush
This course was awesome, the teacher really knew what he was talking about and I learned a lot. I recommend this for anyone looking to integrate robust security practices into their applications.
-
VVikram Sai Battar
Really enjoyed this course! The instructor explains things in a simple way and the hands-on labs make it easy to actually practice what you’re learning. Everything feels practical and useful.
