mirror of
https://github.com/MichaelCade/90DaysOfDevOps.git
synced 2025-01-13 00:04:57 +07:00
10 KiB
10 KiB
90DaysOfDevOps
Ce dépôt est utilisé pour documenter mon aventure dans la découverte des principes fondamentaux des notions des DevSecOps
Si vous avez des questions et que vous souhaitez vous impliquer dans le projet, vous pouvez rejoindre le discord et partager vos questions avec la communauté.
Ou nous contacter via twitter : @MichaelCade1 Vous pouvez trouver les auteurs des différentes parties de cette édition 2023 dans le tableau suivant
Liste des sujets abordés
Topic | Author | Date | Twitter Handle |
---|---|---|---|
DevSecOps | Michael Cade | 1st Jan - 6th Jan | @MichaelCade1 |
Secure Coding | Prateek Jain | 7th Jan - 13th Jan | @PrateekJainDev |
Continuous Build, Integration, Testing | Anton Sankov and Svetlomir Balevski | 14th Jan - 20th Jan | @a_sankov |
Continuous Delivery & Deployment | Anton Sankov | 21st Jan - 27th Jan | @a_sankov |
Runtime Defence & Monitoring | Ben Hirschberg | 28th Jan - 3rd Feb | @slashben81 |
Secrets Management | Bryan Krausen | 4th Feb - 10th Feb | @btkrausen |
Python | Rishab Kumar | 11th Feb - 17th Feb | @rishabk7 |
AWS | Chris Williams | 18th Feb - 24th Feb | @mistwire |
OpenShift | Dean Lewis | 25th Feb - 3rd Mar | @saintdle |
Databases | Taylor Riggan & Andrew Pruski | 4th Mar - 10th Mar | @triggan & @dbafromthecold |
Serverless | Kristi Perreault | 11th Mar - 17th Mar | @kperreault95 |
Service Mesh | Marino Wijay | 18th Mar - 24th Mar | @virtualized6ix |
Engineering for Day 2 Ops | Alistair Hey | 25th Mar - 31st Mar | @alistair_hey |
Progress
DevSecOps
- [✔️] ♾️ 2 > Vue d'ensemble: DevSecOps
- [✔️] ♾️ 3 > Penser comme un attaquant
- [✔️] ♾️ 4 > Red Team vs. Blue Team
- [✔️] ♾️ 5 > OpenSource Security
- [✔️] ♾️ 6 > Hands-On: Building a weak app
Secure Coding (En cours de traduction)
- [✔️] 🔐 7 > Secure Coding Overview
- [✔️] 🔐 8 > SAST Overview
- [✔️] 🔐 9 > SAST Implementation with SonarCloud
- [✔️] 🔐 10 > Software Composition Analysis Overview
- [✔️] 🔐 11 > SCA Implementation with OWASP Dependency Check
- [✔️] 🔐 12 > Secure Coding Practices
- [✔️] 🔐 13 > Additional Secure Coding Practices
Continuous Build, Integration, Testing
- [✔️] ⚒️ > Container Image Scanning
- [✔️] ⚒️ > Container Image Scanning Advanced
- [✔️] ⚒️ > Fuzzing
- [✔️] ⚒️ > Fuzzing Advanced
- [✔️] ⚒️ > DAST
- [✔️] ⚒️ > IAST
- [✔️] ⚒️ > Practical Lab on IAST and DAST
Continuous Delivery & Deployment
- [✔️] 🚚 21 > Continuous Image Repository Scan
- [✔️] 🚚 22 > Continuous Image Repository Scan - Container Registries
- [✔️] 🚚 23 > Artifacts Scan
- [✔️] 🚚 24 > Signing
- [✔️] 🚚 25 > Systems Vulnerability Scanning
- [✔️] 🚚 26 > Containers Vulnerability Scanning
- [✔️] 🚚 27 > Network Vulnerability Scan
Runtime Defence & Monitoring
- [✔️] 🏃 28 > System monitoring and auditing
- [✔️] 🏃 29 > Application level monitoring
- [✔️] 🏃 30 > Detecting suspicious application behavior
- [✔️] 🏃 31 > Runtime network protections and policies
- [✔️] 🏃 32 > Vulnerability and patch management
- [✔️] 🏃 33 > Application runtime and network policies
- [✔️] 🏃 34 > Runtime access control
Secrets Management
- [✔️] 🕵 35 > Understanding the Importance of Secrets Management
- [✔️] 🕵 36 > Securing Secrets with HashiCorp Vault
- [✔️] 🕵 37 > Working with HashiCorp Vault's Secrets Engines
- [✔️] 🕵 38 > Increase the Security Posture of Your Organization with Dynamic Credentials
- [] 🕵 39 >
- [] 🕵 40 >
- [] 🕵 41 >
Python
- [✔️] 🐍 42 > Programming Language: Introduction to Python
- [✔️] 🐍 43 > Python Loops, functions, modules and libraries
- [✔️] 🐍 44 > Data Structures and OOP in Python
- [✔️] 🐍 45 > Debugging, testing and Regular expression
- [✔️] 🐍 46 > Web development in Python
- [✔️] 🐍 47 > Automation with Python
- [✔️] 🐍 48 > Let's build an App in Python
AWS
- [✔️] ☁️ 49 > AWS Cloud Overview
- [✔️] ☁️ 50 > Create Free Tier Account & Enable Billing Alarms
- [✔️] ☁️ 51 > Infrastructure as Code (IaC) and CloudFormation
- [✔️] ☁️ 52 > Identity and Access Management (IAM)
- [✔️] ☁️ 53 > AWS Systems Manager
- [✔️] ☁️ 54 > AWS CodeCommit
- [✔️] ☁️ 55 > AWS CodePipeline
Red Hat OpenShift
- [✔️] ⛑️ 56 > What does Red Hat OpenShift bring to the party? An Overview
- [✔️] ⛑️ 57 > Understanding the OpenShift Architecture, Installation Methods and Process
- [✔️] ⛑️ 58 > Deploying Red Hat OpenShift on VMware vSphere
- [✔️] ⛑️ 59 > Deploying applications and getting a handle on Security Constraints Context (SCC)
- [✔️] ⛑️ 60 > Looking at OpenShift Projects - Creation, Configuration and Governance
- [✔️] ⛑️ 61 > Understanding Authentication, Role-Based Access Control (RBAC) and Auditing in Red Hat OpenShift: Control and Secure Your Cluster
- [✔️] ⛑️ 62 > Compliance and Vulnerability Scanning provided by Red Hat OpenShift Operators
Databases
- [✔️] 🛢 63 > An introduction to databases
- [✔️] 🛢 64 > Querying data in databases
- [✔️] 🛢 65 > Backing up and restoring databases
- [✔️] 🛢 66 > High availability and disaster recovery
- [✔️] 🛢 67 > Performance tuning
- [✔️] 🛢 68 > Database security
- [✔️] 🛢 69 > Monitoring and troubleshooting database issues
Serverless
- [✔️] 👩🏿💻 70 > What is Serverless?
- [✔️] 👩🏿💻 71 > Serverless Compute
- [✔️] 👩🏿💻 72 > Serverless Storage
- [✔️] 👩🏿💻 73 > Serverless APIs
- [✔️] 👩🏿💻 74 > Serverless Orchestration
- [✔️] 👩🏿💻 75 > Serverless & Well Architected
- [✔️] 👩🏿💻 76 > Serverless - Beyond the Basics
Service Mesh
- [✔️] 🧩 77 > Let's break down a Service Mesh
- [✔️] 🧩 78 > Install and Test a Service Mesh
- [✔️] 🧩 79 > Comparing Different Service Meshes
- [✔️] 🧩 80 > Traffic Engineering Basics
- [✔️] 🧩 81 > Observability in your Mesh
- [✔️] 🧩 82 > Securing your microservices
- [✔️] 🧩 83 > Sidecar or Sidecar-less? Enter Ambient Mesh
Engineering for Day 2 Ops
- [] 👷🏻♀️ 84 > Writing an API - What is an API?
- [] 👷🏻♀️ 85 > Queues, Queue workers and Tasks (Asynchronous architecture)
- [] 👷🏻♀️ 86 > Designing for Resilience, Redundancy and Reliability
- [] 👷🏻♀️ 87 > Zero Downtime Deployments
- [] 👷🏻♀️ 88 > Monitoring, Alerting and On-Call
- [] 👷🏻♀️ 89 > Oops: When something goes wrong - Post Mortems
- [] 👷🏻♀️ 90 >