DevSecOps - Kubernetes DevOps and Security Training in Karachi, Lahore, Islamabad, Pakistan, Dubai

DevSecOps – Kubernetes DevOps and Security Training

DevSecOps (short for development, security, and operations) has evolved to address the need to build security continuously across the SDLC so that DevOps teams can deliver secure applications with speed and quality. DevSecOps – Automates the integration of security at every phase of SDLC through Jenkins and various other tools.

What you’ll learn

DevSecOps Approach
Kubernetes Security Concepts
HashiCorp Vault + Secret Injection into Kubernetes Pod
Find Vulnerabilities in Dependencies, Dockerfile, Images, K8S Resources
Unit Test, Mutation Test, SAST, DAST, Integration Test
Integrate/Shifting Security Left within the DevOps Pipeline
Fix/Patch Vulnerabilities in Dependencies, Dockerfile, Images, K8S Resources
Monitoring Vulnerabilities and Kubernetes Cluster
Slack Notifications for Jenkins, Prometheus, Grafana, Falco

Course Content:

Module1: Introduction

Slack Channel and Linked
Best 1080p Video Quality
DevOps vs DevSecOps
Security Aspects
Tools Explored in this Course

Module2: DevOps Pipeline

Section 2 – Topic
Access Lab Environment for Hands-O
Lab Environment for Hands-On Excercises
Git Repository
NOTE – Use LABS for Hands-On
VM Configuration
HandsOn – Create Free Azure Account
Note – Azure VM Issue
HandsOn – Create Azure V
HandsOn – Stopping VM Instance to save Credits
Jenkins Introduction
Check Jenkins Version
Note – 401 Error Jenkins Plugin Installation
HandsOn – Jenkins Plugin Installation
HandsOn – Jenkins Pipeline – Checking Version
Lab 1 – Jenkins Installatio
Understanding the Course Usecas
HandsOn – Running Microservices Local Machin
Maven Basic
HandsOn – Jenkins Github Integration and Maven Buil
Unit Tests Basic
HandsOn – Unit Test and JaCoC
Lab 2 – Jenkins Pipelin
Docker Basic
HandsOn – Docker Build and Pus
Lab 3 – Docker Build and Pus
Note on Kubernetes Architecture
Kubernetes Basic
HandsOn – Kubernetes Deployment
Lab 4 – Kubernetes Deployment

Module3: DevSecOps Pipeline

Section 3 – Topic
Git Hooks and Talisman Introduction
HandsOn – Talisman
Lab 5 – Talisman
Mutation Tests – PIT Basics
HandsOn – Mutation Tests – PIT
Lab 6 – Mutation Tests – PIT
SonarQube – SAST
HandsOn – SonarQube

HandsOn – SonarQube – Quality Gate
HandsOn – SonarQube Authentication Clarification
Lab 7 – SonarQub
Dependency Check Basics
HandsOn – Dependency Check17:21
HandsOn – Refactoring Jenkins
Lab 8 – Dependency Check and Refactor Jenkins
Trivy Basics
HandsOn – Trivy Image Scan – Docker – 1
HandsOn – Trivy Image Scan – Docker – 2
Lab 9 – Trivy Image Scan
OPA Conftest Basics
HandsOn – OPA Conftest – Docker
Kubernetes Security Concept
HandsOn – OPA Conftest – Kubernetes
HandsOn – Kubernetes Deployment Rollout
Lab 10 – OPA
Kubesec Basics
HandsOn – Kubesec
HandsOn – Fixing Script and ReadOnlyRootFileSystem
HandsOn – Trivy – Kubernetes
Lab 11 – Trivy Kubernetes
Note on new Vulnerabilties
HandsOn – Integration Test
DAST Basic
OWASP ZAP Basic
Audio Issue
HandsOn – OWASP ZAP
HandsOn – OWASP ZAP – Jenkins Scan
HandsOn – OWASP ZAP – Fixing Issue
HandsOn – OWASP ZAP – Ignore Test Cases
HandsOn – Slack Notification – Legacy App
Lab 12 – OWASP and Slack Notification
Tools and Technologies for other Programming Languages
End of Section 3 and Promote to PROD namespace

Module4: Kubernetes Operation & Security

Section 4 – Topics
CIS Benchmarking and Kube-bench
Note – Kube-Bench command
HandsOn – Kube-bench
Lab 13 – Kube-bench
Pod-Pod Communication – Need for mTLS
Istio – Basics
HandsOn – Istio Installation
HandsOn – Istio Injecting SideCar Container
Lab 14 – Istio Injecting SideCar Container
Promoting App to Prod and Visualize using Kiali
Istio mTLS Basics
HandsOn – Istio mTLS
HandsOn – Istio Ingress Gateway and VirtualService
Lab 15 – Istio Ingress Gateway and Virtual Service
Kubernetes Monitoring Basics
Prometheus Basics
HandsOn – Prometheus Grafana
Extending Prometheus with AlertManager
Lab 16 – Prometheus and Grafana
Falco Basics
HandsOn – Falco Installation – View in Termina
HandsOn – Falco UI – HELM
HandsOn – Falco Slack Notifications
Lab 17 – Falco
HandsOn – KubeScan
HandsOn – Integration Tests – Prod
HandsOn – Slack Jenkins Custom App
HandsOn – Slack Attachments
HandsOn – Slack – Get Failed Stage Name
Lab 18 – Kubescan

Module5: HashiCorp Vault+ Kubernetes:

Kubernetes Secrets & its Drawbackn
HandsOn – Vault Helm Installatio
Vault UI – Not
HandsOn – Vault Initialization
HandsOn – Vault Secrets Engine
HandsOn – Vault Authorization
HandsOn – Vault Authentication
HandsOn – Vault PHP Application
HandsOn – Vault Annotations & Template
Vault – How it works Internally
Lab 19 – HashiCorp Vault with Kubernetes

Module6: Additional Topics

Kubernetes Architecture
HandsOn – Prometheus – Alert Manager – Installatio
HandsOn – Prometheus – Alert Manager – Alerts – Slack Notifications

Who this course is for:

There is no prior knowledge needed, but a dev/ops/cloud/linux/networks background will definitely help
Kubernetes Admins and Developers
DevOps Engineers
SpringBoot or any Programming Language Developers
Architects and Product Managers