Description
DevSecOps stands for growth, safety, and operations. It is an strategy to tradition, automation, and platform design that integrates safety as a shared duty all through the complete IT lifecycle. DevOps isn’t nearly growth and operations groups. If you wish to take full benefit of the agility and responsiveness of a DevOps strategy, IT safety should additionally play an built-in function within the full life cycle of your apps.
This course is an entire step-by-step information for implementing finest safety practices and instruments in your DevOps framework. You’ll begin from the very fundamentals by exploring the DevOps structure and how it’s associated to DevSecOps. The you’ll study the 2 foremost container administration platforms: Docker and Kubernetes. You’ll grasp container administration, working with Docker recordsdata, getting and constructing your personal container photos and optimizing them.
In the remainder of the sections you’ll grasp the implementation of the additional safety layer in your DevOps instruments. Firstly, you’ll discover ways to use the Docker Registry and construct a registry by yourself. I’ll present you the way to use Docker Content material Thrust and shield your docker daemon and host by making use of Apparmor and Seccomp safety profiles, implementing Docker Bench Safety and and auditing the your Docker host. Additionally, you will discover ways to shield and analyze vulnerabilities your docker photos to stop corruption utilizing Clair, Quay, Anchore and the CVE database. You’ll discover the way to create and handle Docker secrets and techniques, networks and port mapping. It is possible for you to to make use of safety monitoring instruments resembling cAdvisor, Dive, Falco and administration instruments resembling Portainer, Rancher and Openshift.
Lastly you’ll concentrate on Kubernetes Safety practices. You’ll discover ways to discover, remedy and stop Kubernetes safety dangers and apply finest safety practices. I’ll present you the way to use KubeBench and Kubernetes Dashboard to reinforce your Kubernetes Safety and Prometheus and Grafana to observe and observe our Kubernetes clusters for vulnerabilities.
Right here is the whole course content material by sections:
Part 1: You’ll assessment DevSecOps challenges, methodologies, and instruments to enhance the safety of purposes. The thought of DevSecOps implement safety early within the DevOps within the utility design, growth, and supply processes.
Part 2: You’ll assessment foremost containers platforms that present infrastructure for each the event and operations groups, like Docker and Kubernetes. We will even assessment various instruments like Podman.
Part 3: Grasp Docker manages photos and containers, explores the principle instructions used for producing our photos from Dockerfile, and discover ways to optimize our Docker photos, minimizing their measurement to decreasing the assault floor.
Part 4: Be taught safety finest practices and different features like Docker capabilities, which containers leverage with the intention to present extra options, such because the privileged container. Be taught to create personal registry to stop your photos to be accessible to the world. You’ll assessment Docker Content material Belief and Docker Registry, which offer a safe option to add our photos in Docker Hub platform and different registries like Quay and Harbor.
Part 5: Docker daemon and AppArmor and Seccomp profiles, which offer kernel-enhancement options to restrict system calls. Additionally, we are going to assessment instruments like Docker bench safety and Lynis, which comply with safety finest practices within the Docker setting, and a number of the essential suggestions that may be adopted throughout auditing and Docker deployment in a manufacturing setting.
Part 6: Right here you’ll study finest practices for constructing container photos securely. We’ll assessment some open supply instruments, resembling Clair and Anchore, to find vulnerabilities in container photos by studying static evaluation instruments that analyze the totally different layers that compose a picture. In consequence, builders will be capable of detect vulnerabilities in container purposes earlier than importing them to manufacturing.
Part 7: You’ll study the principle Docker container threats, the principle vulnerabilities we are able to discover in Docker photos, and some companies and instruments for getting details about these vulnerabilities. In consequence, builders can have the capability to acquire particulars about vulnerabilities in container purposes.
Part 8: Be taught Docker secrets and techniques and the important elements of Docker networking, together with how we are able to talk with and hyperlink Docker containers. We will even assessment different ideas like port mapping, which Docker makes use of for exposing the TCP ports that present companies from the container to the host in order that customers accessing the host can entry a container’s companies.
Part 9: It is very important outline a complete technique to observe your Docker infrastructure with a local assortment supply for occasions, statistics, configurations, and information and present views on the efficiency of the CPU, reminiscence, and community containers.
Part 10: Be taught a number of the open supply instruments obtainable for Docker container administration, resembling Portainer, Rancher, and Openshift.
Part 11: Kubernetes structure, elements, objects, and networking mannequin. We will even assessment totally different instruments for working with Kubernetes, explaining minikube as the principle instrument for deploying a cluster.
Part 12: Kubernetes safety and finest practices for securing elements and pods by making use of the precept of least privilege in Kubernetes.
Part 13: Kubernetes safety and Kubernetes bench for safety mission to execute controls documented in CIS Kubernetes Benchmark information. We will even assessment foremost safety tasks for analyzing safety in Kubernetes elements and extra vital vulnerabilities found in Kubernetes in the previous couple of years.
Part 14: Evaluate manufacturing capabilities when working Kubernetes. We’ll first analyze observability and monitoring within the context of Kubernetes, and then we are going to assessment Kubernetes dashboard for getting metrics in your cluster. You’ll take a look at the Kubernetes stack for observability and monitoring with Prometheus and Grafana.
If the coupon just isn’t opening, disable Adblock, or strive one other browser.