Secure Your CI/CD: A DevSecOps Bootcamp for Modern Developers

Are you building or deploying applications on Kubernetes? If you are a DevOps Engineer, Platform Engineer, or AI/ML Engineer, security should be at the forefront of your development practices, not an afterthought. This hands-on DevSecOps Bootcamp is designed to guide you through the essentials of building secure, production-ready CI/CD pipelines using open-source tools and industry best practices.

Throughout this bootcamp, you will engage in step-by-step labs that integrate key tools such as Jenkins, Kubernetes, ArgoCD, and Vault. Our focus will be on teaching you how to build a secure software development lifecycle, ensuring your applications are secure by design. Not only will you learn about integrating security across the development processes, but you’ll also gain insights into the methodologies that leading organizations utilize to safeguard their infrastructure.

This comprehensive course isn’t just theoretical; it’s practical and hands-on. You will tackle real-world scenarios that modern engineering teams face when securing their software pipelines in production environments, including the deployment of microservices and AI/ML models. With a curriculum tailored for those developing cloud-native applications or managing containerized workloads, you will leave ready to implement robust security measures efficiently and effectively.

What you will learn:

• Understand the core principles of DevSecOps and how they integrate into modern software delivery pipelines.
• Set up a complete learning environment using Google Cloud Platform, Kubernetes (GKE), and essential DevOps tools.
• Build a secure CI/CD pipeline using Jenkins, Helm, Docker, and Kubernetes.
• Implement Software Composition Analysis (SCA) using OWASP Dependency-Check, Pyraider, and Dependency-Track to identify and manage third-party risks.
• Apply Static Application Security Testing (SAST) using tools like slscan and integrate them into your CI/CD pipeline.
• Conduct Dynamic Application Security Testing (DAST) using OWASP ZAP during deployment stages to catch runtime vulnerabilities.
• Harden container images using Dockle, Trivy, and multi-stage Dockerfiles to reduce the attack surface.
• Manage sensitive credentials and enforce secure secrets injection using HashiCorp Vault with Kubernetes.
• Enforce system-level compliance and infrastructure hardening using InSpec and Ansible as Compliance-as-Code tools.
• Secure Kubernetes workloads by implementing security contexts, Pod security policies, resource limits, and runtime scanning tools like Falco.
• Build and deploy AI/ML and containerized applications securely using GitOps practices with ArgoCD.
• Automate runtime anomaly detection and remediation using Falco and Argo Workflows.
• Understand the Software Bill of Materials (SBOM) and integrate SBOM generation into your pipeline.
• Design an end-to-end secure DevOps pipeline for real-world applications, from code to production, with continuous security monitoring.

Course Content:

• Sections: 12
• Lectures: 30
• Duration: 15 hours

Requirements:

• Familiarity with DevOps concepts and basic CI/CD workflows is recommended.
• Prior experience with Docker and Kubernetes is helpful but not mandatory.
• Access to a GCP account or any cloud environment for hands-on labs.
• No deep security knowledge required — everything is explained step by step.

Who is it for?

• DevOps, Cloud, and Platform Engineers looking to build secure delivery pipelines.
• AI/ML Engineers deploying models and services on Kubernetes or in production environments.
• Developers who want to integrate security into their DevOps workflows.
• Security professionals and SREs transitioning into DevSecOps roles.
• Anyone responsible for deploying, securing, and maintaining modern applications at scale.

What are you waiting for to get started?

Enroll today and take your skills to the next level. Coupons are limited and may expire at any time!

👉 Don’t miss this coupon! – Cupón JUL2025BB