Hands-On DevSecOps: Secure CI/CD with Jenkins on AWS

Implement DevSecOps with SAST, SCA, and DAST using Sonar, Snyk, OWASP ZAP, and SonarQube in a Jenkins Pipeline.

DevSecOps stands for development, security, and operations. It is an extension of the DevOps practice.

This course will cover everything you need to know to get started and be successful in DevSecOps. It includes hands-on demos, walkthroughs, quizzes, and presentations.

The course provides downloadable source code and links to all the tools and websites mentioned so that you can use them in your local environment and follow along at your own pace.

Key topics covered are:


Module 1: Introduction of DevsecOps

Introduction of DevsecOps

Benefits of DevSecOps

DevSecOps vs. DevOps

Module 2: Overview of the Maven Tool

Maven Lifecycle: Default, Clean & Site

Repositories used in Maven

Lab: Build the Spring Boot package in an AWS environment

Lab: Location of Artifacts & built package dependencies

Lab: Exploring pom.xml file

Lab: Access the package application

Lab: Exploring dependencies of a built package

Lab: Build Lifecycle

Lab: Create a Web Application Project Using Maven

Module 3: Integrate SAST using SonarCloud (Software as a Service, SaaS) in DevSecOps

Overview of SAST - Static Application Security Testing

Create a Jenkins Server

Install Maven, Git, Java, Jenkins, etc.

Configure Jenkins

Install suggested Plugins

Dashboard of Jenkins

Integrate Maven with Jenkins

Build the package - Spring Boot Maven micro project

Configure SonarCloud - cloud-based clean code analysis

Add a Compile stage and run the Sonar analysis in the Jenkins pipeline

Generate security tokens from SonarCloud

Sonar Code Analysis on a Vulnerable Project (Bugs, Security Issues)

Module 4: Integrate SAST using SonarQube in DevSecOps

Create a SonarQube Server

Run the SonarQube Service

Access SonarQube Server via URL

Install SonarQube Scanner Plugins

Integrate SonarQube with Jenkins

Jenkins Pipeline - Sonar Quality Check 1

Jenkins Pipeline - Sonar Quality Check 2

Module 5: Integrate SCA scan using Snyk in Jenkins Pipeline

About the Snyk tool and its benefits

Install a CI server - Jenkins Server

Install Apache Maven on the CI Server

Access the CI Server - Jenkins Server

Configure the Jenkins Server

Create an admin user account on the Jenkins Server

Create an account on Snyk

Add snyk-maven-plugin in pom.xml

Run SCA analysis using Snyk

SCA analysis report using Snyk

Module 6: Build, Scan & Push Docker Image to AWS ECR

Build, Scan & Push Docker Image (Application) to AWS ECR

Module 7: Deploy the Docker image to a server (Continuous Deployment)

Module 8: Deploy the Application (Docker Image) to an EKS Cluster

Setup of AWS EKS Cluster

Create a Client to access EKS Cluster

Configure AWS CLI Credentials

Check Cluster status using CLI

Update kubeconfig file

Install Kubectl

Install Eksctl

Troubleshooting - invalid apiVersion error

Create Node group for EKS Cluster

Compute EKS Cluster

Add a new project in Jenkins Pipeline

Create and attach a role to EKS Client

Setup sshagent in Jenkins pipeline

Copy files from Jenkins server to EKS Client

Create a secret key

Troubleshooting

Execute the application manually

Add a stage to copy the pod deployment file

Run the final pipeline - complete CI/CD

Module 9: Integrate DAST Scan using the ZAP tool in Jenkins pipeline

About the ZAP tool
</gml_replace>
<gr_replace lines="176" cat="clarify" orig="Add a stage to copy zap">
Add a stage to copy the ZAP script in Jenkins Pipeline

Add a stage in Jenkins Pipeline

Installation of ZAP tool

ZAP command

Add a stage to copy zap script in Jenkins Pipeline

Add a stage of DAST using ZAP tool in Jenkins Pipeline

Execute the Jenkins job for DAST Scan

Analyze the console logs of Jenkins Job

Access the ZAP report via a web page

Delete the running EKS cluster