Online Courses
Security in the Pipeline

Introduction

The Security in the Pipeline module focuses on securing the code, encompassing SAST, DAST, code analysis challenges, and dependency management for robust DevSecOps practices.

Unlike the 'Security of the Pipeline' module, which has a broader focus covering platform security and tooling, 'Security in the Pipeline' concentrates on ensuring the security of the code as it progresses through the development, testing, and deployment phases. You will gain practical knowledge of implementing SAST and DAST techniques to identify and remediate vulnerabilities early in the development process, and test your knowledge with code analysis challenges. Finally, you will explore the crucial role of dependency management in maintaining a secure pipeline, learning how to effectively manage and validate dependencies so that vulnerable or malicious code is not introduced into the software supply chain. By completing this module, you will acquire essential skills in securing the code flow, thus bolstering the overall resilience and integrity of the DevSecOps pipeline.


Last updated 8 months ago