Security is a major concern in the DevOps world. There is a constant push for companies to move more quickly, and security teams struggle to keep up with testing. This has led to the rise of a new field: DevSecOps. This course introduces the concept of DevSecOps and explains how an organization can build out a DevSecOps program that helps teams integrate security into the application development pipeline. Learn about the role of APIs, containers, and automation, and how a continuous integration and delivery framework can help your organization run security tests as often as developers want. Instructor Tim Chase also introduces some free tools and resources for starting your DevSecOps journey.

Demande de formation

Learn about the most important security concerns when developing websites, and what you can do to keep your servers, software, and data safe from harm. Instructor Kevin Skoglund explains what motivates hackers and their most common methods of attacks, and then details the techniques and mindset needed to craft solutions for these web security challenges. Learn the eight fundamental principles that underlie all security efforts, the importance of filtering input and controlling output, and smart strategies for encryption and user authentication. Kevin also covers special considerations when it comes to credit cards, regular expressions, source code managers, and databases.

This course is great for developers who want to secure their client's websites, and for anyone else who wants to learn more about web security.

Topics include:

• Why security matters
• What is a hacker?
• How to write a security policy
• Cross-site scripting (XSS)
• Cross-site request forgery (CSRF)
• SQL injection
• Session hijacking and fixation
• Passwords and encryption
• Secure credit card payments

Demande de formation