DevSecOps - Kubernetes DevOps & Security
Introduction
Tools Explored in this course
In this DevSecOps–focused course, you’ll discover essential security tools and technologies that harden your CI/CD pipeline. This lesson provides a high-level introduction to each tool, covering:
- What the tool does
- Why it matters in a secure CI/CD workflow
- How it integrates into your overall DevSecOps process
Course Structure
We’ll explore each category over four detailed sections:
- Static Code Analysis
- Dependency & Package Management
- Container & Infrastructure Scanning
- Runtime Protection & Secrets Management
Running Example: Spring Boot Application
All demonstrations use a Spring Boot application. While some tools are Spring Boot–specific, the concepts and workflows apply broadly across other ecosystems.
Ecosystem-Specific Recommendations
Many of the security tools we cover support multiple languages and frameworks. Here are links to the official sites for alternative ecosystems:
| Ecosystem | Official Site |
|---|---|
| Node.js | https://nodejs.org |
| Ruby | https://www.ruby-lang.org |
| Python | https://www.python.org |
| .NET | https://dotnet.microsoft.com |
Continuous Updates & Feedback
We continuously update this course with new security tools and best practices. For the latest tool list, check the upcoming lessons or the course changelog.
Feedback Welcome
If there’s a specific tool you’d like us to cover, leave a comment below. We value your input and will add popular requests to future updates.
Thank you for joining this DevSecOps journey!
Watch Video
Watch video content