Turn what you know into an opportunity and reach millions around the world.

Learn More

Your cart is empty.

Keep shopping

DevSecOps with GitLab: Secure CI/CD with GitLab

Name: DevSecOps with GitLab: Secure CI/CD with GitLab
Rating: 4.5 (668 reviews)

This course helps to implement DevSecOps in GitLab and integrate SAST, SCA & DAST security tools in CI/CD Pipeline

Role Play

Created byA Security Guru, Raghu The Security Expert

Last updated 10/2025

English

What you'll learn

Learn DevSecOps implementation with GitLab
Learn SAST Integration with GitLab
Learn SCA Integration with GitLab
Learn DAST integration with GitLab
Learn to report security issues in JIRA
Learn to implement SonarCloud in DevSecOps Pipeline
Learn to implement Snyk in DevSecOps Pipeline
Learn to implement OWASP ZAP in DevSecOps Pipeline
Learn to populate code coverage on Sonar Dashboard

Course content

10 sections • 37 lectures • 3h 9m total length

Introduction & Course Agenda5:00
About the Course1:18

What is SonarCloud and its benefits?1:43
Explore SonarCloud, a cloud-based service that guards code quality and security. Set quality gates, track code coverage, and integrate checks via APIs.
Create an account with SonarCloud before implementing SAST in DevSecOps Pipeline1:58
Hands-On: Integrate SonarCloud within GitLab DevSecOps pipeline16:31
Important Note regarding Custom Quality Gates in SonarCloud0:31
Hands-On: Create Quality Gates in DevSecOps pipeline using SonarCloud - Part 112:02
Hands-On: Create Quality Gates in DevSecOps pipeline using SonarCloud - Part 25:39
Hands-On: Populate Unit Test Code Coverage on SonarCloud Dashboard for DevSecOps9:10
Knowledge Check
Learn writing GitLab YAML file with SonarCloud SAST scan
Security Engineer 1:1 discussion with Security Manager

What is Snyk and its benefits?2:04
Explore how Snake security tools, a software as a service, identify security issues in source code, open source libraries, and cloud infrastructure templates, covering sast and software composition analysis.
Create an account with Snyk before implementing SCA in DevSecOps Pipeline2:28
Sign up for Snake to perform software composition analysis in a DevSecOps pipeline, using GitHub authentication and SCA to identify security issues in third-party libraries such as Log Forge.
Hands-On: Integrate Snyk within GitLab DevSecOps Pipeline to perform SCA9:40
Learn writing GitLab YAML file with Snyk SCA scan
Security Engineer 1:1 discussion with Security Manager about SCA

Hands On: Create a JIRA account with Atlassian with custom JIRA site4:06
Hands On: Report SAST security issues in JIRA identified by SonarCloud5:47
Hands On: Report SCA security issues in JIRA identified by Snyk5:01
Hands On: Report DAST security issues in JIRA identified by OWASP ZAP3:53
Report a medium-severity dynamic application security testing issue on http example dot com using zap, x frame options header not set, documented in jira with description, mitigation, and references.
Hands On: Integrate JIRA with SonarCloud to create tickets with one-click13:20

Requirements

Basic computer knowledge
Good to have interest in Security domain

Description

Course Updates:

v5.0 - May 2026

Updated course repo with latest code changes

v 4.0 - May 2024

Added DevSecOps Handbook document in Section 10

v 3.0 - Jan 2024

Updated GitHub Repos in all sections to install Java 17 runner and to use sonar.token instead of sonar.login
Updated course with OWASP ZAP 2.14.0 version

v 2.0 - Feb 2023

Updated course with newer videos on Quality Gates in DevSecOps pipelines using SonarCloud/SonarQube in Section 4
Updated course with newer videos on Integrate JIRA with SonarCloud/SonarQube
Added Assignments and Quizzes to the course

v 1.0 - Feb 2023

Updated course with newer videos on SAST and DAST Analyzers by GitLab

Who shall take this course?

This "DevSecOps with GitLab" course is designed for Security Engineers, DevOps Engineers, SRE, QA Professionals and Freshers looking to find a job in the field of security. This is a focused GitLab DevSecOps course with a special focus on integrating SAST/SCA/DAST tools in Build pipeline.

Learn and implement security in DevOps pipeline, get Hands On experience in using Security tools & technologies.

This course is for:

Developers
DevOps
Security Engineers
Aspiring professional in the Security domain
Quality Assurance Engineers
InfoSec/AppSec Professional

DevSecOps being the hot skill, will help you to secure a high-salaried job and stay informed on the latest market trends.

Why purchase this course?

This is only practical hands-on course available on the internet till now.

DevSecOps enables rapid application development with agility, at the same time it secures your application with automated security checks integrated within the pipeline. It helps to increase productivity and security by integrating security stages in the pipeline.

Also, we have included practical examples to implement security in the DevOps pipeline through various tools.

By the end of the course, you will be able to successfully implement DevOps or DevSecOps pipeline and lead initiatives to create, build and maintain security pipelines in your project.

No Action required before taking this course. For any question or concerns, Please post your comments on discussions tab

Disclaimer: English subtitles are auto-generated so please ignore any grammar mistakes

Who this course is for:

DevSecOps Engineers
DevOps Engineers
Cloud Security Engineers
QA Engineers

DevSecOps with GitLab: Secure CI/CD with GitLab

What you'll learn

Explore related topics

Course content

Introduction2 lectures • 6min

Deep Dive into DevSecOps4 lectures • 12min

Hands On - Implementing DevSecOps Pipeline in GitLab4 lectures • 20min

Implement SAST in GitLab DevSecOps Pipeline using SonarCloud8 lectures • 48min

Implement SCA in GitLab DevSecOps Pipeline using Snyk4 lectures • 14min

Implement DAST in GitLab DevSecOps Pipeline using OWASP ZAP2 lectures • 10min

End To End Java Project Case Study for implementing GitLab DevSecOps Pipeline3 lectures • 19min

Report Security issues found during SAST, SCA & DAST scans in JIRA5 lectures • 32min

Advanced Topics: Additional Features provided by GitLab for DevSecOps Pipelines3 lectures • 19min

Next Steps and Bonus section4 lectures • 10min

Requirements

Description

Who this course is for: