DevSecOps using GitHub Actions: Secure CICD with GitHub

Build Secure CI/CD Pipelines with GitHub Actions and integrate SAST, DAST, SCA security tools in the Pipeline

4.56 (566 reviews)

Udemy

platform

English

language

Other

What you will learn

Understand basics of DevSecOps and learn about various tools used in DevSecOps

Learn basics of GitHub Actions and write yaml files in GitHub Actions

Integrate security tools in GitHub Actions Pipeline and execute SAST/DAST/SCA scans

Implement robustness in GitHub Actions

End to End Case study on Java Project where we implement DevSecOps Pipeline with GitHub Actions

Learn using a Git repository from Git bash

Learn CI/CD pipeline creation

Learn various tools used for DevSecOps

Learn SonarCloud

Learn Snyk

Learn OWASP ZAP

Learn Yaml

Learn to create DevSecOps Engineer CV

Learn to implement DevSecOps for NodeJS application

Learn to implement DevSecOps for .Net application

Why take this course?

Course Updates:

v 9.0 - Jan 2024

Updated GitHub Repos for SAST scan with Java 17 and changed sonar.login to sonar.token

v 8.0 - April 2023

Updated course with Indonesian and Chinese Subtitles

v 7.0 - January 2023

Added C# Assignment for DevSecOps pipeline along with Solution using GitHub Actions and some common errors and their solutions

v 6.0 - October 2022

Updated course with French and German Subtitles

v 5.0 - July 2022

Updated course with NodeJS Case Study to implement an End to End DevSecOps Pipeline for a NodeJS Project using GitHub Actions in Section 5

v 4.0 - June 2022

Updated course with Notes on Populating Code Coverage on SonarCloud or SonarQube Dashboard in Section 3
Updated course with Notes on GIT Commands in Section 3
Updated course with newer videos to create account with SonarCloud and Snyk
Updated course videos content

v 3.0 - May 2022

Updated course with Report Walkthrough of SAST, SCA and DAST tools integrated in End to End DevSecOps Pipeline with GitHub Actions

v 2.0 - May 2022

Updated course with videos on End To End DevSecOps Pipeline with GitHub Actions
Added new questions to Quizzes

v 1.0 - April 2022

Updated course with newer videos on GitHub Actions Basics
Added Quizzes to the course

Who shall take this course?

This DevSecOps course is designed for Security Engineers, DevOps Engineers, SRE, QA Professionals and Freshers looking to find a job in the field of security. This is a focused DevSecOps course with a special focus on integrating SAST/DAST/SCA tools in Build pipeline.

Hands On Experience:

1) End to End Case study on Java Project where we implement DevSecOps Pipeline with GitHub Actions (Must Learn)

2) Learn and implement security in DevOps pipeline, get Hands On experience in using Security tools & technologies using GitHub Actions

This course is for:

Developers
DevOps
Security Engineers
Aspiring professional in the Security domain
Quality Assurance Engineers
InfoSec/AppSec Professional

DevSecOps being the hot skill, will help you to secure a high-salaried job and stay informed on the latest market trends.

Why purchase this course?

This is only practical hands-on course available on the internet till now.

DevSecOps enables rapid application development with agility, at the same time it secures your application with automated security checks integrated within the pipeline. It helps to increase productivity and security by integrating security stages in the pipeline.

Also, we have included practical examples to implement security in the DevOps pipeline through various tools.

By the end of the course, you will be able to successfully implement DevOps or DevSecOps pipeline and lead initiatives to create, build and maintain security pipelines in your project.

Things to consider before taking this course:

1) Create a GitHub account

Disclaimer: Indonesian, Chinese, French, German, Spanish and English subtitles are generate via Caption Generator tool so please ignore any grammar/interpretation mistakes

Screenshots

DevSecOps using GitHub Actions: Secure CICD with GitHub - Screenshot_01

DevSecOps using GitHub Actions: Secure CICD with GitHub - Screenshot_02

DevSecOps using GitHub Actions: Secure CICD with GitHub - Screenshot_03

DevSecOps using GitHub Actions: Secure CICD with GitHub - Screenshot_04

Reviews

Jean

May 24, 2023

This course is like a waste of time if you're looking more information about DAST and how to applied, in this course you're going to find only how to applied to a example page.

Bibek

April 17, 2023

I liked the Hands-On lectures for practice and the real-life situations covered. What I found most interesting and useful was going through the QA discussion. The instructor makes sure to answer and resolve each and every query. 90% of the errors that I faced during the setup were resolved through the listed Q&A answers.

Peter

March 23, 2023

spent too much time on the basics of git and editor installation. repeated some basic information a little too much. The JIRA section should have used the JIRA API for raising issues. But overall I got something out of the course.

Parshuram

November 23, 2022

Good and nice way of explaining the various tools used during Security Testing. All Concepts are very clearly explained. Thanks for the content and knowledge.

Miguel

October 14, 2022

Esta bueno el curso, la integración con jira se queda corto. Pero bueno, es aceptable el conocimiento. Vale la pena como curso inicial.

Samuel

October 6, 2022

The instructor knows how to teach step by step but the delivery could have been better if his communication in English was better.

Michael

September 27, 2022

Although the information presented is good if you're completely new to DevSecOps and need to get up to speed, the hands-on practical experience and code alongs leave a lot to be desired.

Geoff

September 23, 2022

Overall, the course was good, however it was very repetitive in places and the repetition didn't add any value to me. If you hadn't seen tools like snyk, sonarcloud etc then it's a good intro to those tools

Mostafa

August 28, 2022

- The Course didn't shows the full cycle of CI/CD as in enterprise level. - Didn't show example from real life scenario. - Didn't show how to use DAST in code just show how to use it with the URL target http://testphp.vulnweb.com/ but was expecting to show in our repoistory. - Didn't show how to reuse the GitHub actions in another repository which is obvious companies using this way.

Balaji

August 18, 2022

Excellent course in terms of content, course flow, presentation, interaction etc. Keep it up!! Strongly recommending this course for understanding DevSecOps along with some hands-on exercises.

Nichole

July 9, 2022

The course was easy to follow up to lecture 22. There were times I had to figure things out on my own which was no big deal but if you are a COMPLETE beginner such as myself....you'll find your frustration mounting at lecture 23. Lecture 27 is extremely taxing because the files that you are "supposed" to delete are already gone which makes it impossible to push the changes to your github repository. I'm in the process of trying to "cheat" a little and still run the devsecops project. Other than that, its a decent course. Just STOP at Lecture 22. Good luck!

Sum

June 16, 2022

The content of the course us good, however the instructor luck explaining the important concept. Github action was very poorly explain

Devon

May 24, 2022

Great and quick rundown of Github Actions for anyone who just needs the bump to get going. Very clear and enjoyable!