Useful Links
Computer Science
Cybersecurity
DevSecOps and Securing CI/CD Pipelines
1. Foundations of DevSecOps
2. Understanding CI/CD Pipelines
3. Securing the Pre-Commit and Source Code Stage
4. Securing the Build Stage
5. Securing the Test Stage
6. Securing the Deployment Stage
7. Security in Operations and Post-Deployment
8. DevSecOps Tools and Technologies
9. Culture, Governance, and Organizational Change
Securing the Deployment Stage
Infrastructure as Code Security
IaC Security Fundamentals
Infrastructure Security Principles
Configuration Drift Prevention
Immutable Infrastructure Benefits
Terraform Security
Terraform Security Best Practices
Terraform State File Security
Terraform Module Security
Terraform Scanning Tools
Checkov
Terrascan
tfsec
CloudFormation Security
CloudFormation Template Security
Stack Policy Implementation
CloudFormation Scanning Tools
cfn-nag
Stelligent cfn_nag
Ansible Security
Ansible Playbook Security
Vault Integration
Ansible Security Scanning
Role-Based Security Implementation
Kubernetes Security
Kubernetes Manifest Security
Pod Security Standards
Network Policy Implementation
RBAC Configuration
Policy as Code Implementation
Open Policy Agent Integration
Rego Policy Language
Policy Testing and Validation
Policy Enforcement Points
Secrets Management
Secret Management Challenges
Hardcoded Secret Risks
Secret Sprawl Problems
Secret Rotation Requirements
Audit and Compliance Needs
Centralized Secret Management Solutions
HashiCorp Vault
Vault Architecture and Components
Secret Engines
Authentication Methods
Policy Management
Vault Integration Patterns
AWS Secrets Manager
Secret Storage and Retrieval
Automatic Rotation
Cross-Service Integration
IAM Integration
Azure Key Vault
Key and Secret Management
Certificate Management
Access Policies
Integration with Azure Services
Google Secret Manager
Kubernetes Secrets Management
Secret Injection and Runtime Access
Environment Variable Injection
File-Based Secret Mounting
Init Container Patterns
Sidecar Container Patterns
Service Mesh Secret Management
Secret Lifecycle Management
Secret Creation and Provisioning
Secret Rotation Strategies
Secret Revocation
Secret Auditing and Monitoring
Container Registry and Artifact Security
Container Registry Security
Registry Access Control
Registry Vulnerability Scanning
Registry Content Trust
Private Registry Management
Image Security and Integrity
Image Signing with Docker Content Trust
Notary Implementation
Image Provenance Verification
Supply Chain Attack Prevention
Artifact Repository Security
Binary Repository Security
Artifact Scanning and Analysis
Artifact Lifecycle Management
Repository Access Control
Deployment Security Controls
Deployment Policy Enforcement
Policy Definition and Management
Automated Policy Validation
Deployment Gate Implementation
Exception Handling Processes
Runtime Security Configuration
Security Context Configuration
Resource Limits and Quotas
Network Security Policies
Service Mesh Security
Zero-Trust Deployment Principles
Identity-Based Access Control
Micro-Segmentation
Continuous Verification
Least Privilege Access
Previous
5. Securing the Test Stage
Go to top
Next
7. Security in Operations and Post-Deployment