DevSecOps and Securing CI/CD Pipelines
Securing the Build Stage
Static Application Security Testing
SAST Fundamentals
Static Analysis Principles
Source Code Analysis Techniques
Abstract Syntax Tree Analysis
Data Flow Analysis
SAST Tool Integration
Commercial SAST Tools
Veracode Static Analysis
Checkmarx SAST
Fortify Static Code Analyzer
Open Source SAST Tools
SonarQube Security
Semgrep
CodeQL
Bandit for Python
Tool Selection Criteria
Pipeline Integration Strategies
SAST Results Management
Vulnerability Prioritization
False Positive Handling
Remediation Workflow Integration
Security Debt Management
SAST Customization and Tuning
Custom Rule Development
Rule Set Configuration
Baseline Establishment
Performance Optimization
Software Composition Analysis
Open Source Component Management
Dependency Discovery and Inventory
Component Lifecycle Management
Vendor Risk Assessment
Vulnerability Management for Dependencies
CVE Database Integration
Vulnerability Scoring and Prioritization
Automated Vulnerability Alerts
Patch Management for Dependencies
License Compliance and Risk Management
License Type Classification
License Compatibility Analysis
Legal Risk Assessment
Compliance Reporting
Software Bill of Materials
SBOM Generation and Maintenance
SBOM Standards and Formats
SPDX Format
CycloneDX Format
SWID Tags
SBOM Distribution and Sharing
Supply Chain Transparency
Container Security in Build Stage
Base Image Security
Secure Base Image Selection
Base Image Vulnerability Scanning
Base Image Update Management
Minimal Base Image Strategies
Container Image Hardening
Image Layer Optimization
Unnecessary Package Removal
Security Configuration
User and Permission Management
Dockerfile Security Analysis
Dockerfile Best Practices
Security Anti-Patterns Detection
Automated Dockerfile Scanning
Dockerfile Linting Tools
Container Image Scanning
Vulnerability Scanning Tools
Clair
Trivy
Anchore Engine
Twistlock/Prisma Cloud
Malware Detection
Configuration Assessment
Build Environment Security
Build Infrastructure Hardening
Build Server Security
Network Segmentation
Access Control Implementation
Build Process Integrity
Build Reproducibility
Build Artifact Signing
Build Environment Isolation
Supply Chain Security
Build Tool Security
Third-Party Integration Security
Build Pipeline Tampering Prevention