The Complete DevSecOps Course with Docker and Kubernetes

Ace Apparmor, Clair, Quay, Anchore, Swarm, Portainer, Rancher, KubeBench, Prometheus and something else for DevOps security

What you'll learn

• Apply security to the primary container stages: Docker and Kubernetes
• Learn best Docker security rehearses
• Make your own rived picture registry to forestall images to be open to the world
• Survey Docker Content Trust and Docker Registry
• Transfer images to Docker Center point, Quay and Harbor
• Carry out Docker daemon security
• Carry out AppArmor and Seccomp security profiles to give Linux portion upgrade highlights
• Execute Docker Seat Security
• Learn best Docker security rehearses
• Find Docker vulnerabilities utilizing Clair and Anchore
• Learn static security analysis tools
• Investigate the fundamental Docker container dangers
• Learn how to make Docker secrets
• Connect Docker containers
• Docker organizing security
• Oversee computer chip, memory and Smash execution of your containers
• Administrate your Docker containers with Portainer and Rancher
• Send off Kubernetes utilizing Minikube
• Apply least honor rule to safeguard Kubernetes clusters
• Use CIS Kubernetes Benchmark guide
• Break down security and vulnerabilities in Kubernetes cases, clusters and nodes
• Screen Kubernetes underway utilizing Prometheus and Grafana

 

Necessities

• No earlier programming experience required
• No earlier DevOps experience required

Description

DevSecOps stands for development, security, and tasks. It's a way to deal with culture, computerization, and stage design that coordinates security as a common obligation all through the whole IT lifecycle. DevOps isn't just about development and tasks groups. To make the most of the dexterity and responsiveness of a DevOps approach, IT security should likewise assume a coordinated part in the full life pattern of your applications.

This course is a complete bit by bit guide for executing best security practices and tools on your DevOps system. You will begin from the very rudiments by investigating the DevOps architecture and the way things are connected with DevSecOps. The you will learn the two primary container the board stages: Docker and Kubernetes. You will dominate container the executives, working with Docker records, getting and building your own container images and upgrading them.

 

In the other segments you will dominate the execution of the additional security layer on your DevOps tools. You, right off the bat, will learn how to utilize the Docker Registry and fabricate a registry all alone. I will tell you the best way to utilize Docker Content Push and safeguard your docker daemon and host by applying Apparmor and Seccomp security profiles, executing Docker Seat Security and evaluating the your Docker have. You will likewise learn how to safeguard and investigate vulnerabilities your docker images to forestall debasement utilizing Clair, Quay, Anchore and the CVE information base. You will investigate how to make and oversee Docker secrets, networks and port planning. You will actually want to utilize security observing tools, for example, cAdvisor, Dive, Falco and organization tools like Portainer, Rancher and Openshift.

At last you will zero in on Kubernetes Security rehearses. You will learn how to find, tackle and forestall Kubernetes security chances and apply best security rehearses. I will tell you the best way to utilize KubeBench and Kubernetes Dashboard to upgrade your Kubernetes Security and Prometheus and Grafana to screen and notice our Kubernetes clusters for vulnerabilities.

 

Here is the complete course satisfied by segments:

Segment 1: You will survey DevSecOps difficulties, strategies, and tools to work on the security of uses. The possibility of DevSecOps execute security from the get-go in the DevOps in the application design, development, and conveyance processes.

Segment 2: You will audit principal containers stages that give framework to both the development and activities groups, similar to Docker and Kubernetes. We will likewise audit elective tools like Podman.

Segment 3: Expert Docker oversees images and containers, investigates the principal commands utilized for creating our images from Dockerfile, and learn how to improve our Docker images, limiting their size to decreasing the assault surface.

Segment 4: Learn security best practices and different angles like Docker capacities, which containers influence to give more elements, like the special container. Learn to make private registry to forestall your images to be open to the world. You will survey Docker Content Trust and Docker Registry, which give a safe method for transferring our images in Docker Center point stage and different vaults like Quay and Harbor.

Segment 5: Docker daemon and AppArmor and Seccomp profiles, which give piece improvement highlights to restrict framework calls. Additionally, we will survey tools like Docker seat security and Lynis, which follow security best practices in the Docker climate, and a portion of the significant suggestions that can be followed during examining and Docker organization in a creation climate.

Segment 6: Here you will learn best practices for building container images safely. We will audit a few open source tools, like Clair and Anchore, to find vulnerabilities in container images by learning static analysis tools that dissect the various layers that make a picture. Accordingly, engineers will actually want to recognize vulnerabilities in container applications prior to transferring them to creation.

Segment 7: You will learn about the fundamental Docker container dangers, the principal vulnerabilities we can find in Docker images, and a few services and tools for getting data about these vulnerabilities. Accordingly, designers will have the ability to get insights regarding vulnerabilities in container applications.

Segment 8: Learn Docker secrets and the fundamental components of Docker organizing, including how we can speak with and connect Docker containers. We will likewise survey different ideas like port planning, which Docker utilizes for uncovering the TCP ports that offer types of assistance from the container to the host so clients getting to the host can get to a container's services.

Segment 9: It is critical to characterize an exhaustive methodology to screen your Docker foundation with a local assortment hotspot for occasions, measurements, setups, and records and give sees on the presentation of the central processor, memory, and organization containers.

Segment 10: Learn a portion of the open source tools accessible for Docker container organization, like Portainer, Rancher, and Openshift.

Segment 11: Kubernetes architecture, components, protests, and systems administration model. We will likewise survey various tools for working with Kubernetes, making sense of minikube as the fundamental instrument for sending a group.

Segment 12: Kubernetes security and best practices for getting components and cases by applying the rule of least honor in Kubernetes.

Segment 13: Kubernetes security and Kubernetes seat for security venture to execute controls reported in CIS Kubernetes Benchmark guide. We will likewise survey principal security projects for examining security in Kubernetes components and more basic vulnerabilities found in Kubernetes over the most recent couple of years.

Segment 14: Survey creation capacities while running Kubernetes. We will initially dissect discernibleness and observing with regards to Kubernetes, and then, at that point, we will survey Kubernetes dashboard for getting measurements in your group. You will take a gander at the Kubernetes stack for perceptibility and observing with Prometheus and Grafana.

Who this course is for:

• DevOps engineers
• Programmers
• Chiefs who wish to apply security on their DevOps projects
• Computer programming understudies
• Software engineering understudies
• Cybersecurity experts
• Programming engineers

 

Educator

Martin Yanev

Computer programmer | Aviation design specialist | Teacher

• 4.3 Educator Rating
• 2,984 Audits
• 240,783 Understudies
• 27 Courses

I go by Martin Yanev I'm globally acclaimed Programming and Aviation design specialist.

I have a Four year college education in Aeronautical Designing and an Expert Degree in Aviation Elements. I'm Partner individual from the Imperial Aeronautical Society in the Unified Realm. I'm ISTQB guaranteed with strong involvement with frameworks test/mix.

I have acquired my strong programming abilities over the most recent 7 years by creating and testing complex programming calculations for Aviation applications. I'm as of now engaged with the Single European Sky Task that expects to expand the European airspace limit by applying state of the art Air Traffic The executives Frameworks.

Go ahead and reach me on any theme connected with Software engineering and Advanced plane design as I'm genuinely inspired by this fields.

I want to believe that you partake in my courses and further develop your profession development with them.