Skip to main content
Applicable Cloud Security
Setup
Environment Setup
Terraform Baseline Deployment
Manual Deployment
Content
Day 1 — Identity, Access and RBAC
Day 2 — Network and Data Security
Day 3 — DevSecOps and API Security
Day 4 — Monitoring and Threat Detection
Day 5 — Compliance, Policy & Automation
Challenges
Challenges
Day 3
Mitch Mommers
Less than 1 minute
Catalog
After Lab 3.1 — Recap
After Lab 3.2 — Recap
After Lab 3.3 — Recap
After Lab 3.4 — Recap
After Lab 3.5 — Recap
After Lab 3.6 — Recap
Azure DevOps Secure Files Theory
Before Lab 3.1 — Pipeline Identity and Secure Delivery
Before Lab 3.2 — Quality Gates: Type Checking and Tests
Before Lab 3.3 — Security Gates: Semgrep, Trivy, and SBOM
Before Lab 3.4: Infrastructure-as-Code Security with Checkov
Before Lab 3.5: API Security Testing with OWASP ZAP
Before Lab 3.6: Artifact Promotion, Environment Gates, and Rollback
CI/CD Fundamentals
Day 3 — DevSecOps and API Security
Day 3 Wrap-up — Secure Development Lifecycle
Deployment Strategies Theory
Git Flow and Release Tagging
Persistent vs Non-Persistent Resources
Pipeline Stages and Jobs
What is DevSecOps?