Description

Module 1: Understand security in the PipelinePlan to DevSecOpsIntegrate security tools like WhiteSource, Micro Focus, Checkmarx and Veracode with Azure DevOpsImplement pipeline securityUse Secure DevOps kit for Azure (AzSK)Module 2: Introduction to Azure Security CenterBy the end of this module, you'll be able to:Configure Azure Security CenterUnderstand Azure policiesDescribe initiatives, resource locks and Azure BlueprintsWork with Microsoft Defender for IdentityModule 3: Implement open-source softwareBy the end of this module, you'll be able to:Implement open-source softwareExplain corporate concerns for open-source componentsDescribe open-source licensesUnderstand the license implications and ratingsModule 4: Manage anti-malware and anti-spam policiesBy the end of this module, you'll be able to:Manage anti-malware and anti-spam policiesInspect and validate code bases for complianceImplement OWASP Security Coding PracticesUnderstand compliance for code basesModule 5: Integrate license and vulnerability scansBy the end of this module, you'll be able to:Implement security validationWork with SonarCloudInterpret alerts from scanner toolsConfigure GitHub Dependabot alerts and securityModule 6: Identify technical debtBy the end of this module, you'll be able to:Identify and manage technical debtIntegrate code quality toolsPlan code reviewsDescribe complexity and quality metrics

Tags

Syllabus

Syllabus Module 1: Understand security in the PipelineIntroductionUnderstand DevSecOpsExplore rugged DevOps pipelineExplore software composition analysis (SCA)Integrate WhiteSource with Azure DevOps pipelineIntegrate Micro Focus Fortify with Azure PipelinesIntegrate Checkmarx with Azure DevOpsIntegrate Veracode with Azure DevOpsIntegrate software composition analysis checks into pipelinesImplement pipeline securitySecure DevOps kit for Azure (AzSK)Knowledge checkSummaryModule 2: Introduction to Azure Security CenterIntroductionExplore Azure Security CenterExamine Azure Security Center usage scenariosExplore Azure PolicyUnderstand policiesExplore initiativesExplore resource locksExplore Azure BlueprintsUnderstand Microsoft Defender for IdentityKnowledge checkSummaryModule 3: Implement open-source softwareIntroductionExplore how software is builtWhat is open-source software?Explore corporate concerns with open-source software componentsIntroduction to open-source licensesExplore common open-source licensesExamine license implications and ratingsKnowledge checkSummaryModule 4: Manage anti-malware and anti-spam policiesIntroductionInspect and validate code bases for compliancePlan to implement OWASP Secure Coding PracticesKnowledge checkSummaryModule 5: Integrate license and vulnerability scansIntroductionImplement continuous security validationExplore OWASP ZAP penetration testExplore OWASP ZAP results and bugsExamine tools for assess package security and license rateExplore SonarCloudInterpret alerts from scanner toolsExplore CodeQL in GitHubImplement GitHub Dependabot alerts and security updatesKnowledge checkSummaryModule 6: Identify technical debtIntroductionExamine code qualityExamine complexity and quality metricsIntroduction to technical debtMeasure and manage technical debtIntegrate other code quality toolsPlan effective code reviewsKnowledge checkSummary Read more