Implement security and validate code bases for compliance
This learning path explores an infrastructure and configuration strategy and appropriate toolset for a release pipeline and application infrastructure. It explains compliance and security implementation in your application infrastructure.
Introduction to Secure DevOps This module introduces DevSecOps concepts, SQL injection attacks, threat modeling, and security for continuous integration. Introduction Describe SQL injection attack Understand DevSecOps Explore Secure DevOps Pipeline Explore key validation points Explore continuous security validation Understand threat modeling Explore CodeQL in GitHub Module assessment Summary Implement open-source software This module explores open-source software and corporate concerns with software components. Also, it explains common open-source licenses, license implications, and ratings. Introduction Explore how software is built What is open-source software? Explore corporate concerns with open-source software components Introduction to open-source licenses Explore common open-source licenses Examine license implications and ratings Module assessment Summary Software Composition Analysis This module explains Composition Analysis, how to inspect and validate code bases for compliance, integration with security tools, and integration with Azure Pipelines. Introduction Inspect and validate code bases for compliance Explore software composition analysis (SCA) Implement GitHub Dependabot alerts and security updates Integrate software composition analysis checks into pipelines Examine tools for assess package security and license rate Automate container scanning, including container images Interpret alerts from scanner tools Module assessment Summary Security Monitoring and Governance This module describes security monitoring and governance with Microsoft Defender for Cloud and its usage scenarios, Azure Policies, Microsoft Defender for Identity, and security practices related to the tools. Introduction Implement pipeline security Explore Microsoft Defender for Cloud Examine Microsoft Defender for Cloud usage scenarios Explore Azure Policy Understand policies Explore initiatives Explore resource locks Understand Microsoft Defender for Identity Integrate GitHub Advanced Security with Microsoft Defender for Cloud Configure GitHub Advanced Security for GitHub and Azure DevOps Module assessment Summary