Important DevSecOps Tools

DevSecOps    |    Intermediate
  • 15 videos | 1h 18m 21s
  • Includes Assessment
  • Earns a Badge
Rating 4.0 of 2 users Rating 4.0 of 2 users (2)
DevSecOps stands for development, security, and operations, and is used to inject security earlier in the software development life cycle (SDLC). In this course, you will explore the various categories of DevSecOps, starting with static analysis security testing (SAST) and dynamic analysis security testing (DAST). Next, you will discover common SAST and DAST DevSecOps tools including Bandit, Clean Code, looks good to me (LGTM), OWASP Zed Attack Proxy (ZAP), and Nikto, and examine dependency analysis and related dependency analysis tools. Then, you will investigate infrastructure as code (IaC) security and the leading IaC security tools, including Anchore, Clair, Dagda, OpenSCAP, dockscan, and InSpec. Finally, you will find out how secrets management is used to manage passwords, keys, application programming interfaces (APIs), and tokens, and you will identify the benefits of vulnerability management and assessment practices.

WHAT YOU WILL LEARN

  • Discover the key concepts covered in this course
    Provide an overview of sast, or static analysis
    Describe dast, or dynamic analysis
    List common sast and dast devsecops tools, including bandit, clean code, looks good to me (lgtm), owasp zed attack proxy (zap), and nikto
    Define dependency analysis and describe how it is used to analyze dependencies between activities
    Provide an overview of dependency analysis tools, including the open worldwide application security project (owasp), github dependabot, sonatype, and retire.js
    Provide an overview of iac security
    List common iac security tools, including anchore, clair, dagda, openscap, dockscan, and chef inspec
  • Describe how secrets management is used to manage passwords, keys, application programming interfaces (apis), and tokens
    Provide an overview of secrets management tools such as vault, torus, keywhiz, envkey, confidant, and aws secrets manager
    Describe how vulnerability management is used to identify, evaluate, treat, and report on security vulnerabilities
    Provide an overview of vulnerability management tools, including jackhammer, defectdojo, and archerysec
    Outline how vulnerability assessment is used to identify and assess severity levels to security vulnerabilities
    Provide an overview of vulnerability assessment tools such as openvas and docker bench
    Summarize the key concepts covered in this course

IN THIS COURSE

  • 1m 11s
    In this video, we will discover the key concepts covered in this course. FREE ACCESS
  • 5m 41s
    After completing this video, you will be able to provide an overview of SAST, or static analysis. FREE ACCESS
  • Locked
    3.  Dynamic Application Security Testing (DAST)
    5m 56s
    Upon completion of this video, you will be able to describe DAST, or dynamic analysis. FREE ACCESS
  • Locked
    4.  SAST and DAST DevSecOps Tools
    6m 33s
    After completing this video, you will be able to list common SAST and DAST DevSecOps tools, including Bandit, Clean Code, looks good to me (LGTM), OWASP Zed Attack Proxy (ZAP), and Nikto. FREE ACCESS
  • Locked
    5.  Dependency Analysis
    5m 31s
    Upon completion of this video, you will be able to define dependency analysis and describe how it is used to analyze dependencies between activities. FREE ACCESS
  • Locked
    6.  Dependency Analysis DevSecOps Tools
    5m 42s
    After completing this video, you will be able to provide an overview of dependency analysis tools, including the Open Worldwide Application Security Project (OWASP), GitHub Dependabot, Sonatype, and Retire.js. FREE ACCESS
  • Locked
    7.  Infrastructure as Code (IaC) Security
    5m 40s
    Upon completion of this video, you will be able to provide an overview of IaC security. FREE ACCESS
  • Locked
    8.  IaC Security DevSecOps Tools
    5m 52s
    In this video, we will list common IaC security tools, including Anchore, Clair, Dagda, OpenSCAP, dockscan, and Chef InSpec. FREE ACCESS
  • Locked
    9.  Secrets Management
    5m 50s
    After completing this video, you will be able to describe how secrets management is used to manage passwords, keys, application programming interfaces (APIs), and tokens. FREE ACCESS
  • Locked
    10.  Secrets Management DevSecOps Tools
    5m 47s
    Upon completion of this video, you will be able to provide an overview of secrets management tools such as Vault, Torus, Keywhiz, EnvKey, Confidant, and AWS Secrets Manager. FREE ACCESS
  • Locked
    11.  Vulnerability Management
    5m 54s
    After completing this video, you will be able to describe how vulnerability management is used to identify, evaluate, treat, and report on security vulnerabilities. FREE ACCESS
  • Locked
    12.  Vulnerability Management DevSecOps Tools
    5m 55s
    Upon completion of this video, you will be able to provide an overview of vulnerability management tools, including Jackhammer, DefectDojo, and ArcherySec. FREE ACCESS
  • Locked
    13.  Vulnerability Assessment
    6m 12s
    After completing this video, you will be able to outline how vulnerability assessment is used to identify and assess severity levels to security vulnerabilities. FREE ACCESS
  • Locked
    14.  Vulnerability Assessment DevSecOps Tools
    6m 5s
    Upon completion of this video, you will be able to provide an overview of vulnerability assessment tools such as OpenVAS and Docker Bench. FREE ACCESS
  • Locked
    15.  Course Summary
    32s
    In this video, we will summarize the key concepts covered in this course. FREE ACCESS

EARN A DIGITAL BADGE WHEN YOU COMPLETE THIS COURSE

Skillsoft is providing you the opportunity to earn a digital badge upon successful completion on some of our courses, which can be shared on any social network or business platform.

Digital badges are yours to keep, forever.

YOU MIGHT ALSO LIKE

PEOPLE WHO VIEWED THIS ALSO VIEWED THESE

Rating 4.5 of 2 users Rating 4.5 of 2 users (2)
Rating 4.2 of 26 users Rating 4.2 of 26 users (26)
Rating 4.2 of 107 users Rating 4.2 of 107 users (107)