Time
4 hours 39 minutes
Difficulty
Beginner
CEU/CPE
5

Video Transcription

00:00
So starting a brand new module here, Module four where it's and we're moving along the pipeline. Now we're actually in development, so we already did the awareness and the training.
00:12
Now we've got everything ready. We've got We know our metrics. We know what tools were going to use.
00:17
So let's start looking at the codes being developed. How we gonna analyze it?
00:23
We'll start off with less than 4.1 where again we do them the module overview and understand the concepts we're gonna look at throughout all the lessons and the structure.
00:34
The outline here is we're gonna look at pipeline orchestration,
00:38
some of the development tools and the activities, and then
00:42
jump into open source static analysis where we're using spot bugs and PMD and some of these other tools to open source tools to look at the code and identify any security bugs.
00:54
It will take a look at software composition analysis. Can we call S E A, which is just looking at the third party libraries? What's what Outside the regular code has developed what's composed in that comes into the final application
01:07
and all Demo Jenkins, with the's static analysis and s e A. So this is we're gonna start adding on to our pipeline here and having a couple more tests
01:18
and then all introduced the AWAS deaf stickups maturity model. I think again, this is a interesting important concept. Is is a maturity model toe to look at these four different steps of the way they set it up until you can take a look and say, This is level one. I'm here. I'm at level two or whatever level I'm currently at.
01:37
And this is the level I want to get to.
01:40
What kind of plan or how can I develop a plan to get to where I want to be?
01:46
So get a couple learning objectives here
01:49
discussing the major steps of continuous integration. Continuous delivery. It's a slightly different concept from
01:55
Dev Ops, but it's it integrated into that
01:57
describe the development built faces which we're in right now. Take a look at some of the tools activities
02:05
again looking to open source static analysis, open stores dependency check with S E. A. I'll demonstrate the Jenkins pipeline
02:14
and then again, take a look at the are introduced the a loss maturity model
02:20
and we're back to our just so we know we're on our little road map. We've moved. We moved past the planning phase that we're doing. The coating is done. Let's do static analysis and s e a on the code to identify any problems.
02:37
Again. This is just the the intro where we talked About what we're gonna that concepts for the module
02:40
and we'll start off with some of the key ideas for deaths. Have ups integration or sorry orchestration in the next
02:47
listen.

Up Next

DevSecOps Fundamentals

DevSecOps certification training helps students learn to incorporate security features in every step of the development process and navigate distinct security challenges in custom software and web applications.

Instructed By

Instructor Profile Image
Philip Kulp
Instructor