Thank you for sending your enquiry! One of our team members will contact you shortly.
Thank you for sending your booking! One of our team members will contact you shortly.
Course Outline
Introduction to DevSecOps for Government
- The significance of integrating security into the DevOps process for government agencies.
- Key principles and practices of DevSecOps for ensuring secure software development and deployment.
Continuous Integration (CI) Security for Government
- Securing code repositories, including GitLab integration with Jenkins for enhanced security in government operations.
- Automated code quality and security analysis using SonarQube to ensure compliance and reliability in government applications.
- Incorporating static code analysis as part of the Jenkins CI pipeline to identify and mitigate vulnerabilities early in the development cycle.
Container Security with Docker for Government
- Creating secure Docker images for government systems to prevent unauthorized access and ensure data integrity.
- Managing Docker image repositories with Harbor to maintain version control and security compliance.
- Best practices for vulnerability scanning and image version control to protect government applications from emerging threats.
Setting up Secure CI/CD Pipelines for Government
- Configuring Jenkins for security integration to support secure continuous delivery processes in government agencies.
- Running a SonarQube analysis to ensure code quality and security standards are met for government applications.
- Generating and securing Docker images to facilitate reliable and secure deployments in government environments.
Securing the Deployment Process with Kubernetes for Government
- Security practices for Kubernetes orchestration to protect government systems during deployment.
- The role of Kubernetes Orchestrator in ensuring secure progressive deployment for government applications.
- Implementing Role-Based Access Control (RBAC) and securing service communication to enhance security in government Kubernetes clusters.
Integrating RabbitMQ, PostgreSQL, and MongoDB for Government
- Secure communication between services to ensure data integrity and confidentiality in government systems.
- Data security practices for PostgreSQL and MongoDB to protect sensitive government information.
- Hardening RabbitMQ for secure messaging to prevent unauthorized access and ensure reliable message delivery in government applications.
Identity and Access Management with Keycloak for Government
- Configuring Keycloak for user authentication and authorization to manage access to government resources securely.
- Managing identity for Kubernetes clusters to ensure secure and compliant access control in government environments.
Implementing Security in Kubernetes for Government
- Deploying applications securely on Kubernetes to meet the stringent security requirements of government operations.
- Integrating Keycloak with Docker and Kubernetes for comprehensive identity management in government systems.
Monitoring and Auditing in DevSecOps for Government
- Continuous monitoring tools and techniques to detect and respond to security incidents in real-time within government environments.
- Auditing deployments and maintaining compliance with regulatory requirements for government agencies.
- A practical guide to automating rollback on security failures to ensure the integrity and availability of government systems.
Summary and Next Steps for Government
Requirements
- An understanding of the DevOps process for government
- Basic working knowledge of Docker containers and Kubernetes orchestration
Audience
- DevOps professionals in the public sector
14 Hours
Testimonials (1)
There were many practical exercises supervised and assisted by the trainer
