DevSecOps - Kubernetes DevOps & Security with Hands-On Labs

Name: DevSecOps - Kubernetes DevOps & Security with Hands-On Labs
Rating: 4.5 (512 reviews)

Learn how to integrate & monitor security within Applications, Docker, Kubernetes using DevSecOps with Hands-On Labs

Created bySiddharth Barahalikar

Last updated 3/2024

English

What you'll learn

DevSecOps Approach
Kubernetes Security Concepts
HashiCorp Vault + Secret Injection into Kubernetes Pod
Find Vulnerabilities in Dependencies, Dockerfile, Images, K8S Resources
Unit Test, Mutation Test, SAST, DAST, Integration Test
Integrate/Shifting Security Left within the DevOps Pipeline
Fix/Patch Vulnerabilities in Dependencies, Dockerfile, Images, K8S Resources
Monitoring Vulnerabilities and Kubernetes Cluster
Slack Notifications for Jenkins, Prometheus, Grafana, Falco

Course content

6 sections • 138 lectures • 13h 1m total length

Welcome and Course Introduction4:08
Slack Channel and LinkedIn0:07
Best 1080p Video Quality0:08
Section 1 - Topics0:23
DevOps vs DevSecOps4:21
Security Aspects4:21
Tools Explored in this Course1:04
References0:08
Feedback0:08

Section 2 - Topics0:31
Access Lab Environment for Hands-On11:51
Lab Environment for Hands-On Excercises0:24
Git Repository2:54
NOTE - Use LABS for Hands-On0:07
VM Configuration1:30
HandsOn - Create Free Azure Account3:25
Note - Azure VM Issue0:32
HandsOn - Create Azure VM4:34
HandsOn - Installing Software in VM7:06
HandsOn - Stopping VM Instance to save Credits2:30
Jenkins Introduction4:35
Check Jenkins Version0:45
Note - 401 Error Jenkins Plugin Installation0:12
HandsOn - Jenkins Plugin Installation3:38
HandsOn - Jenkins Pipeline - Checking Versions10:24
Lab 1 - Jenkins Installation0:01
Understanding the Course Usecase2:09
HandsOn - Running Microservices Local Machine6:15
Maven Basics2:14
HandsOn - Jenkins Github Integration and Maven Build6:25
Unit Tests Basics1:32
HandsOn - Unit Test and JaCoCo8:17
Lab 2 - Jenkins Pipeline0:02
Docker Basics2:26
HandsOn - Docker Build and Push8:58
Lab 3 - Docker Build and Push0:02
Note on Kubernetes Architecture0:09
Kubernetes Basics3:29
HandsOn - Kubernetes Deployment7:32
Lab 4 - Kubernetes Deployment0:02
References0:04
Feedback0:08
I really hope you found this course valuable.

Please leave a review and share your experience.

I’m also available for questions - send me a direct message or connect with me over LinkedIn anytime.

Section 3 - Topics0:40
Git Hooks and Talisman Introduction5:03
HandsOn - Talisman10:33
Lab 5 - Talisman0:02
Mutation Tests - PIT Basics2:44
HandsOn - Mutation Tests - PIT19:31
Lab 6 - Mutation Tests - PIT0:02
SonarQube - SAST3:46
HandsOn - SonarQube12:51
HandsOn - SonarQube - Quality Gate16:36
HandsOn - SonarQube Authentication Clarification2:28
Lab 7 - SonarQube0:02
Vulnerabilities Basics3:57
Dependency Check Basics3:27
HandsOn - Dependency Check17:21
HandsOn - Refactoring Jenkins7:16
Lab 8 - Dependency Check and Refactor Jenkins0:02
Trivy Basics4:33
HandsOn - Trivy Image Scan - Docker - 115:26
HandsOn - Trivy Image Scan - Docker - 28:10
Lab 9 - Trivy Image Scan0:02
OPA Conftest Basics2:25
HandsOn - OPA Conftest - Docker12:30
Kubernetes Security Concepts3:16
HandsOn - OPA Conftest - Kubernetes11:49
HandsOn - Kubernetes Deployment Rollout8:12
Lab 10 - OPA0:02
Kubesec Basics1:47
HandsOn - Kubesec8:37
HandsOn - Fixing Script and ReadOnlyRootFileSystem9:45
HandsOn - Trivy - Kubernetes13:20
Lab 11 - Trivy Kubernetes0:02
Note on new Vulnerabilties0:21
HandsOn - Integration Tests9:42
DAST Basics4:04
OWASP ZAP Basics5:28
Audio Issue0:07
HandsOn - OWASP ZAP7:37
HandsOn - OWASP ZAP - Jenkins Scan18:36
HandsOn - OWASP ZAP - Fixing Issue11:59
HandsOn - OWASP ZAP - Ignore Test Cases21:25
HandsOn - Slack Notification - Legacy App21:31
Lab 12 - OWASP and Slack Notification0:02
Tools and Technologies for other Programming Languages1:26
End of Section 3 and Promote to PROD namespace4:07
References0:07
Feedback0:08

Section 4 - Topics0:43
CIS Benchmarking and Kube-bench3:57
Note - Kube-Bench command0:19
HandsOn - Kube-bench17:26
Lab 13 - Kube-bench0:02
Pod-Pod Communication - Need for mTLS3:52
Istio - Basics5:06
HandsOn - Istio Installation7:54
HandsOn - Istio Injecting SideCar Container13:09
Lab 14 - Istio Injecting SideCar Container0:02
Promoting App to Prod and Visualize using Kiali13:51
Istio mTLS Basics3:04
HandsOn - Istio mTLS12:24
HandsOn - Istio Ingress Gateway and VirtualService13:52
Lab 15 - Istio Ingress Gateway and Virtual Service0:02
Kubernetes Monitoring Basics3:09
Prometheus Basics5:18
HandsOn - Prometheus Grafana15:11
Extending Prometheus with AlertManager0:03
Lab 16 - Prometheus and Grafana0:02
Falco Basics3:04
HandsOn - Falco Installation - View in Terminal8:19
HandsOn - Falco UI - HELM11:20
HandsOn - Falco Slack Notifications9:24
Lab 17 - Falco0:02
HandsOn - KubeScan12:59
HandsOn - Integration Tests - Prod4:22
HandsOn - Slack Jenkins Custom App10:37
HandsOn - Slack Attachments16:17
HandsOn - Slack - Get Failed Stage Name18:42
Lab 18 - Kubescan0:02
References0:06
Feedback0:08

Kubernetes Secrets & its Drawback5:46
HandsOn - Vault Helm Installation7:59
Vault UI - Note0:12
HandsOn - Vault Initialization6:25
HandsOn - Vault Secrets Engine6:19
HandsOn - Vault Authorization6:03
HandsOn - Vault Authentication5:33
HandsOn - Vault PHP Application5:38
HandsOn - Vault Annotations & Template11:41
Vault - How it works Internally?6:21
Lab 19 - HashiCorp Vault with Kubernetes0:02
Feedback0:14

Requirements

Basic Knowledge on the below is good to have, not mandatory as scripts, snippets are provided,
DevOps & Jenkins
Docker & Kubernetes
Linux VM, CLI & Shell Scripting

Description

++ Updated the course with 19 Hands-On Lab Environments.

Note -

Please watch the Preview/Promotional Video to get an idea of what will be covered as part of this course.
Auto-generated English Captions are available to all course videos.

DevSecOps - Automates the integration of security at every phase of SDLC through Jenkins and various other tools.

This course is for teams/individuals looking to integrate security into their DevOps pipeline. We will learn all the needed DevSecOps skills, tools and processes to secure,

secrets/sensitive data from being accidentally pushed to SCMs.
find, fix, patch vulnerabilities in application dependencies, Dockerfile, Images, Kubernetes Resources,
build and test the application, build/push docker image, deploying to Kubernetes cluster securely,
- testing
  - Unit Test,
  - Mutation Test,
  - SAST - Static Application Security Testing,
  - DAST - Dynamic Application Security Testing,
  - Integration Test
monitoring vulnerabilities and Kubernetes cluster using various tools

I will present every topic to you in a simple, visual and easy way,

we'll first go through slides for every concept to understand the topic followed by a practical hands-on exercise.
we'll setup your own Kubernetes cluster for this we provide simple scripts.
we also have a Github repository with various code snippets which we use throughout this course
Join the Kubernetes DevSecOps private Slack community for any topic request/discussion.

Basic Knowledge of the below tools/technologies is good to have, but not mandatory as we discuss each concept and provide all the required scripts, code snippets, examples,

DevOps & Jenkins
Docker & Kubernetes
Linux VM, CLI & Shell Scripting

Note -

Please watch the Preview/Promotional Video to get an idea of what will be covered as part of this course.
Auto-generated English Captions are available to all course videos.

Who this course is for:

There is no prior knowledge needed, but a dev/ops/cloud/linux/networks background will definitely help
Kubernetes Admins and Developers
DevOps Engineers
SpringBoot or any Programming Language Developers
Architects and Product Managers

DevSecOps - Kubernetes DevOps & Security with Hands-On Labs

What you'll learn

Explore related topics

Course content

Introduction9 lectures • 15min

DevOps Pipeline33 lectures • 1hr 45min

DevSecOps Pipeline47 lectures • 5hr 13min

Kubernetes Operations and Security33 lectures • 3hr 35min

HashiCorp Vault + Kubernetes12 lectures • 1hr 2min

Additional Topics4 lectures • 1hr 12min

Requirements

Description

Who this course is for: