Overview
This course focuses on teaching learners how to implement cloud native security pipelines. The learning outcomes include understanding the differences between traditional and cloud native CI/CD pipelines, learning about security challenges and opportunities in container and orchestration systems, and gaining knowledge on access control for subjects. The course covers tools such as Spinnaker, AWS EKS, Helm, Tiller, and Jenkins X extensions. The teaching method involves a series of lectures by industry experts. The intended audience for this course is individuals interested in cloud security, DevOps, and CI/CD pipelines.
Syllabus
Intro
Jack Mannino
The Traditional CI/CD Pipeline
Cloud Native CI/CD Pipeline
Old School vs. New School
Focus on Fundamentals First
Spinnaker
Gleaning Knowledge via Testing
Security Challenges & Opportunities
Failure is Everywhere
Container & Orchestration Systems
Access Control for Subjects
AWS EKS Insecure Defaults
Helm, Tiller, and Problems
Don't Do Dumb Stuff
Building Jenkins X Extensions
Taught by
OWASP Foundation