DevSecOps content preparation is almost done โ
Lots of chapters added around Docker & AWS security โฌ๏ธ
- Docker Image scanning in the release pipeline
- Image scanning in the ECR Docker repository
- Analyzing and resolving the findings of security scans
- AWS security essentials - access management, network security etc
- IAM service in practice - security best practices in AWS
- Secure way of deploying to AWS from CI/CD pipeline. Using IAM roles & temporary access tokens to increase security.
- DAST dynamic application security testing
As always, almost 90% of this are hands-on demo lectures with realistic examples ๐
2 more chapters are still in progress:
- IaC for security and GitOps - release pipeline with security scans for Terraform
- Monitoring & Logging for security in AWS
I will post more details about the actual tools and processes in those chapters in the July newsletter ๐ฉ If you want to receive the email too, be sure to sign up.
I put a lot of time planning the flow of the demos & explanations, because the great content and explanations are just 1 part of the equation, the other part is making sure itโs easy and engaging for the student to follow along. ๐
And having the demo projects laid out in a way, that you engage with the subject & understand in depth, so when you are done, the knowledge isnโt shallow & temporary, but you will remember it long after and will be able to apply it in actual real world projects. That is my absolute goal and something I donโt compromise on.ย I may re-write and re-structure the script 10x until I get it right. So Iโm happy about the final result and Iโm really hyped about releasing it. ๐คฉ
But this was just the preparation. ๐๐ผโโ๏ธ This is a massive project and we still have so many things to do in order to release. I still need to record ๐ everything, finalize the last 2 chapters, then the whole post-production will start, find an experienced DevSecOps engineer who will support our students when they start learning. ๐ค But seeing the progress is definitely motivating ๐
Our goal is basically to make it as comprehensive and valuable as our DevOps bootcamp and be another tool engineers can use to become even more valuable at their company. For the DevOps bootcamp we continuously receive such amazing feedback ๐, (like the one attached ๐คฏ) so this is a good baseline to target ๐ฏ
We also decided to launch this as the 1st part of the DevSecOps bootcamp. And 2-3 months later, we will add the entire K8s-related security in DevSecOps, with secret management, monitoring, k8s network security, policy as code, compliance as code etc. This will probably be my absolute favorite part to work on, becauseโฆ you knowโฆ k8s. ๐
We also released the updated Docker module in DevOps bootcamp and about to release the updated Jenkins module as well. Fresh look ๐ , new UI and up-to-date versions. ๐ Made improvements to make student experience even better and easier.
Wish you all an amazing, positive week ahead! ๐
- Docker Image scanning in the release pipeline
- Image scanning in the ECR Docker repository
- Analyzing and resolving the findings of security scans
- AWS security essentials - access management, network security etc
- IAM service in practice - security best practices in AWS
- Secure way of deploying to AWS from CI/CD pipeline. Using IAM roles & temporary access tokens to increase security.
- DAST dynamic application security testing
As always, almost 90% of this are hands-on demo lectures with realistic examples ๐
2 more chapters are still in progress:
- IaC for security and GitOps - release pipeline with security scans for Terraform
- Monitoring & Logging for security in AWS
I will post more details about the actual tools and processes in those chapters in the July newsletter ๐ฉ If you want to receive the email too, be sure to sign up.
I put a lot of time planning the flow of the demos & explanations, because the great content and explanations are just 1 part of the equation, the other part is making sure itโs easy and engaging for the student to follow along. ๐
And having the demo projects laid out in a way, that you engage with the subject & understand in depth, so when you are done, the knowledge isnโt shallow & temporary, but you will remember it long after and will be able to apply it in actual real world projects. That is my absolute goal and something I donโt compromise on.ย I may re-write and re-structure the script 10x until I get it right. So Iโm happy about the final result and Iโm really hyped about releasing it. ๐คฉ
But this was just the preparation. ๐๐ผโโ๏ธ This is a massive project and we still have so many things to do in order to release. I still need to record ๐ everything, finalize the last 2 chapters, then the whole post-production will start, find an experienced DevSecOps engineer who will support our students when they start learning. ๐ค But seeing the progress is definitely motivating ๐
Our goal is basically to make it as comprehensive and valuable as our DevOps bootcamp and be another tool engineers can use to become even more valuable at their company. For the DevOps bootcamp we continuously receive such amazing feedback ๐, (like the one attached ๐คฏ) so this is a good baseline to target ๐ฏ
We also decided to launch this as the 1st part of the DevSecOps bootcamp. And 2-3 months later, we will add the entire K8s-related security in DevSecOps, with secret management, monitoring, k8s network security, policy as code, compliance as code etc. This will probably be my absolute favorite part to work on, becauseโฆ you knowโฆ k8s. ๐
We also released the updated Docker module in DevOps bootcamp and about to release the updated Jenkins module as well. Fresh look ๐ , new UI and up-to-date versions. ๐ Made improvements to make student experience even better and easier.
Wish you all an amazing, positive week ahead! ๐
