This repository contains my notes, hands-on exercises, pipeline examples, and useful resources from the DevSecOps Fundamentals course on Udemy.
This course is designed for professionals interested in cybersecurity, DevOps, and integrating security into CI/CD pipelines. It covers essential tools, practices, and concepts to shift security left in the development lifecycle.
- DevSecOps tools: SAST, DAST, SCA, CNAPP
- Adding security testing to CI/CD pipelines (GitLab YAML examples)
- Security principles: Defense in Depth, Least Privilege, CIA Triad
- Linux security fundamentals
- Secure use of Docker, Kubernetes, and Terraform
- OWASP projects: Top 10, ZAP, ASVS, Cheatsheets
- Security organizations: CISA, CIS, CVEs, CVSS, EPSS
- Securing tools like Git and Jenkins
- Best practices for securing SSH, TLS, HTTP headers, and more
| Folder/File | Description |
|---|---|
notes/ |
Notes and summaries from each section |
demos/ |
Code used in hands-on demos |
pipelines/ |
YAML pipeline examples (standard & secure) |
README.md |
This file |
- Git / GitLab CI/CD
- Docker & Docker Compose
- Jenkins
- Kubernetes
- Terraform
- OWASP ZAP
- Linux CLI
- Security testing tools (SAST, DAST, SCA)
- OWASP Top 10 (2021)
- CIS Benchmarks
- ZAP Scanner
- GitLab CI/CD Documentation
- Terraform Docs
- Kubernetes Docs
I completed the course "DevSecOps Fundamentals - Including Hands-On Demos" by Northern APT on Udemy.
π View Certificate
This repository is for educational and personal learning purposes only.