DevSecOps & Security Automation
Shift security left โ secure SDLC, SAST/DAST/SCA in CI/CD, secrets management, supply-chain security, IaC scanning, and detection engineering.
100% Free ยท All lessons unlocked
Course Content
Foundations
Core concepts and groundwork
Shift-left security and the DevSecOps culture shift
Reading
Secure SDLC โ threat modelling at design time
Reading
CI/CD pipeline architecture and trust boundaries
Reading
Secrets management โ Vault, AWS Secrets Manager and rotation
Reading
Supply chain security โ SBOM and SLSA framework basics
Reading
Practice โ build a threat model for a CI/CD pipeline
Exercise
Core Skills
Essential techniques and patterns
GitHub Actions / GitLab CI security hardening
Reading
Integrating SAST and SCA into pipeline gates
Reading
Container image signing and verification (Cosign, Notary)
Reading
Policy-as-code gates with OPA/Conftest in pipelines
Reading
Pipeline poisoning attacks and runner isolation
Reading
Practice โ add SAST, SCA and image signing to a pipeline
Exercise
Applied Practice
Hands-on, real-world scenarios
Terraform security scanning โ Checkov, tfsec and Terrascan
Reading
Policy-as-code with Open Policy Agent (OPA) and Rego
Reading
Drift detection and continuous compliance
Reading
Ansible and configuration management security
Reading
GitOps security model โ ArgoCD and Flux trust boundaries
Reading
Practice โ write OPA policies to block insecure Terraform
Exercise
Advanced Topics
Deeper, more complex material
Centralised logging architecture โ ELK / OpenSearch stack
Reading
SIEM fundamentals โ correlation rules and alert tuning
Reading
Detection engineering with Sigma rules
Reading
SOAR concepts โ automated response playbooks
Reading
Building dashboards for security KPIs and MTTR
Reading
Practice โ write Sigma detection rules and a SOAR playbook
Exercise
Production & Scale
Building for the real world
Incident response lifecycle โ NIST 800-61 phases
Reading
Digital forensics basics โ memory and disk artefacts
Reading
Threat hunting methodology and hypothesis-driven hunts
Reading
Cloud incident response โ isolating a compromised workload
Reading
Post-incident review and lessons-learned process
Reading
Practice โ run a tabletop incident response simulation
Exercise
Mastery & Capstone
Projects and final review
Project brief โ DevSecOps pipeline with full detection stack
Reading
Build a CI/CD pipeline with SAST, SCA and image signing
Exercise
Deploy centralised logging and Sigma-based detections
Exercise
Simulate an attack and trigger automated response
Exercise
Capstone โ submit DevSecOps pipeline portfolio project
Project
100% Free ยท All lessons unlocked
Topic Overview
What you'll learn
- Core concepts and fundamentals of DevSecOps & Security Automation
- Industry best practices and design patterns
- Hands-on exercises with real-world scenarios
- Performance optimization and advanced techniques
- Building production-ready applications