Udemy – Ultimate DevSecOps Bootcamp by School of Devops 2025-4

Udemy – Ultimate DevSecOps Bootcamp by School of Devops 2025-4 Downloadly IRSpace

Aug 16, 2025 - 07:35 Updated: Aug 17, 2025 - 20:12

0 0

Udemy – Ultimate DevSecOps Bootcamp by School of Devops 2025-4

Ultimate DevSecOps Bootcamp by School of Devops. This is a hands-on DevSecOps bootcamp that teaches participants how to build a secure, production-ready CI/CD pipeline using open source tools and industry best practices. In this course, you’ll learn how to integrate security into all phases of the software development lifecycle so that applications are designed to be secure from the ground up. Through hands-on labs, you’ll apply tools like Jenkins, Kubernetes, ArgoCD, Vault, Trivy, Falco, and OWASP ZAP to your DevSecOps workflow. This course is ideal for teams building cloud applications, AI/machine learning models, or containerized workloads that require secure deployment at scale. Participants will learn DevSecOps principles, build a CI/CD pipeline with Jenkins on Kubernetes, analyze software composition with tools like OWASP Dependency-Check, perform static and dynamic security testing with slscan and OWASP ZAP, secure container images with Trivy and Dockle, manage secrets with HashiCorp Vault, monitor runtime security with Falco, secure deployment with GitOps and ArgoCD, automate anomaly detection, and generate software bill of materials (SBOM). By the end of the course, you will be able to design a comprehensive secure DevOps pipeline for real-world applications.

What you will learn

DevSecOps Core Principles: Understand the core principles of DevSecOps and how to integrate them into the modern software delivery pipeline.
Learning Environment Setup: A complete learning environment is setup using Google Cloud Platform, Kubernetes (GKE), and essential DevOps tools.
Building a Secure CI/CD Pipeline: Building a secure CI/CD pipeline using Jenkins, Helm, Docker, and Kubernetes.
Implement Software Composition Analysis (SCA): Use tools like OWASP Dependency-Check, Pyraider, and Dependency-Track to identify and manage third-party risks.
Implement Static Application Security Testing (SAST): Use tools like slscan and integrate them into your CI/CD pipeline.
Perform Dynamic Application Security Testing (DAST): Use OWASP ZAP during deployment phases to identify runtime vulnerabilities.
Container Image Hardening: Harden container images using Dockle, Trivy, and multi-step Dockerfiles to reduce the attack surface.
Sensitive Credential Management: Manage sensitive credentials and implement secure secret injection using HashiCorp Vault and Kubernetes.
Enforcing system-level compliance and infrastructure hardening: Using InSpec and Ansible as Compliance-as-Code tools.
Securing Kubernetes workloads: Implement security contexts, Pod security policies, resource limits, and runtime scanning tools like Falco.
Securely building and deploying AI/machine learning and containerized applications: Using GitOps practices with ArgoCD.
Automating runtime anomaly detection and remediation: Using Falco and Argo Workflows.
Understanding Bill of Materials (SBOM): Understanding Software Bill of Materials (SBOM) and integrating SBOM production into your pipeline.
Design a secure DevOps pipeline from start to finish: Design a secure DevOps pipeline for real applications, from code to production, with continuous security monitoring.

This course is suitable for people who:

DevOps, Cloud, and Platform engineers looking to build secure delivery pipelines.
AI/ML engineers who deploy models and services on Kubernetes or in production environments.
Developers who want to integrate security into their DevOps workflows.
Security professionals and SREs who are transitioning to DevSecOps roles.
Anyone responsible for deploying, securing, and maintaining modern applications at scale.