90DaysOfDevOps/2023.md

90DaysOfDevOps

English Version | 한국어 | Tiếng Việt

This repository is used to document my journey on getting a better foundational knowledge of "DevOps".

If you have questions and want to get involved then join the discord and share your questions and stories with the community.

Or contact us via Twitter, my handle is @MichaelCade1 you can find the authors for 2023 also on Twitter linked below.

List of Topics

Topic	Author	Date	Twitter Handle
DevSecOps	Michael Cade	1st Jan - 6th Jan	@MichaelCade1
Secure Coding	Prateek Jain	7th Jan - 13th Jan	@PrateekJainDev
Continuous Build, Integration, Testing	Anton Sankov and Svetlomir Balevski	14th Jan - 20th Jan	@a_sankov
Continuous Delivery & Deployment	Anton Sankov	21st Jan - 27th Jan	@a_sankov
Runtime Defence & Monitoring	Ben Hirschberg	28th Jan - 3rd Feb	@slashben81
Secrets Management	Bryan Krausen	4th Feb - 10th Feb	@btkrausen
Python	Rishab Kumar	11th Feb - 17th Feb	@rishabk7
AWS	Chris Williams	18th Feb - 24th Feb	@mistwire
OpenShift	Dean Lewis	25th Feb - 3rd Mar	@saintdle
Databases	Taylor Riggan & Andrew Pruski	4th Mar - 10th Mar	@triggan & @dbafromthecold
Serverless	Kristi Perreault	11th Mar - 17th Mar	@kperreault95
Service Mesh	Marino Wijay	18th Mar - 24th Mar	@virtualized6ix
Engineering for Day 2 Ops	Alistair Hey	25th Mar - 31st Mar	@alistair_hey

Progress

• [✔️] ♾️ 1 > 2022 Reflection & Welcome 2023

DevSecOps

• [✔️] ♾️ 2 > The Big Picture: DevSecOps
• [✔️] ♾️ 3 > Think like an Attacker
• [✔️] ♾️ 4 > Red Team vs. Blue Team
• [✔️] ♾️ 5 > OpenSource Security
• [✔️] ♾️ 6 > Hands-On: Building a weak app

Secure Coding

• [✔️] 🔐 7 > Secure Coding Overview
• [✔️] 🔐 8 > SAST Overview
• [✔️] 🔐 9 > SAST Implementation with SonarCloud
• [✔️] 🔐 10 > Software Composition Analysis Overview
• [✔️] 🔐 11 > SCA Implementation with OWASP Dependency Check
• [✔️] 🔐 12 > Secure Coding Practices
• [✔️] 🔐 13 > Additional Secure Coding Practices

Continuous Build, Integration, Testing

• [✔️] ⚒️ > Container Image Scanning
• [✔️] ⚒️ > Container Image Scanning Advanced
• [✔️] ⚒️ > Fuzzing
• [✔️] ⚒️ > Fuzzing Advanced
• [✔️] ⚒️ > DAST
• [✔️] ⚒️ > IAST
• [✔️] ⚒️ > Practical Lab on IAST and DAST

Continuous Delivery & Deployment

• [✔️] 🚚 21 > Continuous Image Repository Scan
• [✔️] 🚚 22 > Continuous Image Repository Scan - Container Registries
• [✔️] 🚚 23 > Artifacts Scan
• [✔️] 🚚 24 > Signing
• [✔️] 🚚 25 > Systems Vulnerability Scanning
• [✔️] 🚚 26 > Containers Vulnerability Scanning
• [✔️] 🚚 27 > Network Vulnerability Scan

Runtime Defence & Monitoring

• [✔️] 🏃 28 > System monitoring and auditing
• [✔️] 🏃 29 > Application level monitoring
• [✔️] 🏃 30 > Detecting suspicious application behavior
• [✔️] 🏃 31 > Runtime network protections and policies
• [✔️] 🏃 32 > Vulnerability and patch management
• [✔️] 🏃 33 > Application runtime and network policies
• [✔️] 🏃 34 > Runtime access control

Secrets Management

• [✔️] 🕵 35 > Understanding the Importance of Secrets Management
• [✔️] 🕵 36 > Securing Secrets with HashiCorp Vault
• [✔️] 🕵 37 > Working with HashiCorp Vault's Secrets Engines
• [✔️] 🕵 38 > Increase the Security Posture of Your Organization with Dynamic Credentials
• [✔️] 🕵 39 > Getting Hands-On with HashiCorp Vault
• [] 🕵 40 >
• [] 🕵 41 >

Python

• [✔️] 🐍 42 > Programming Language: Introduction to Python
• [✔️] 🐍 43 > Python Loops, functions, modules and libraries
• [✔️] 🐍 44 > Data Structures and OOP in Python
• [✔️] 🐍 45 > Debugging, testing and Regular expression
• [✔️] 🐍 46 > Web development in Python
• [✔️] 🐍 47 > Automation with Python
• [✔️] 🐍 48 > Let's build an App in Python

AWS

• [✔️] ☁️ 49 > AWS Cloud Overview
• [✔️] ☁️ 50 > Create Free Tier Account & Enable Billing Alarms
• [✔️] ☁️ 51 > Infrastructure as Code (IaC) and CloudFormation
• [✔️] ☁️ 52 > Identity and Access Management (IAM)
• [✔️] ☁️ 53 > AWS Systems Manager
• [✔️] ☁️ 54 > AWS CodeCommit
• [✔️] ☁️ 55 > AWS CodePipeline

Red Hat OpenShift

• [✔️] ⛑️ 56 > What does Red Hat OpenShift bring to the party? An Overview
• [✔️] ⛑️ 57 > Understanding the OpenShift Architecture, Installation Methods and Process
• [✔️] ⛑️ 58 > Deploying Red Hat OpenShift on VMware vSphere
• [✔️] ⛑️ 59 > Deploying applications and getting a handle on Security Constraints Context (SCC)
• [✔️] ⛑️ 60 > Looking at OpenShift Projects - Creation, Configuration and Governance
• [✔️] ⛑️ 61 > Understanding Authentication, Role-Based Access Control (RBAC) and Auditing in Red Hat OpenShift: Control and Secure Your Cluster
• [✔️] ⛑️ 62 > Compliance and Vulnerability Scanning provided by Red Hat OpenShift Operators

Databases

• [✔️] 🛢 63 > An introduction to databases
• [✔️] 🛢 64 > Querying data in databases
• [✔️] 🛢 65 > Backing up and restoring databases
• [✔️] 🛢 66 > High availability and disaster recovery
• [✔️] 🛢 67 > Performance tuning
• [✔️] 🛢 68 > Database security
• [✔️] 🛢 69 > Monitoring and troubleshooting database issues

Serverless

• [✔️] 👩🏿‍💻 70 > What is Serverless?
• [✔️] 👩🏿‍💻 71 > Serverless Compute
• [✔️] 👩🏿‍💻 72 > Serverless Storage
• [✔️] 👩🏿‍💻 73 > Serverless APIs
• [✔️] 👩🏿‍💻 74 > Serverless Orchestration
• [✔️] 👩🏿‍💻 75 > Serverless & Well Architected
• [✔️] 👩🏿‍💻 76 > Serverless - Beyond the Basics

Service Mesh

• [✔️] 🧩 77 > Let's break down a Service Mesh
• [✔️] 🧩 78 > Install and Test a Service Mesh
• [✔️] 🧩 79 > Comparing Different Service Meshes
• [✔️] 🧩 80 > Traffic Engineering Basics
• [✔️] 🧩 81 > Observability in your Mesh
• [✔️] 🧩 82 > Securing your microservices
• [✔️] 🧩 83 > Sidecar or Sidecar-less? Enter Ambient Mesh

Engineering for Day 2 Ops

• [✔️] 👷🏻‍♀️ 84 > Writing an API - What is an API?
• [✔️] 👷🏻‍♀️ 85 > Queues, Queue workers and Tasks (Asynchronous architecture)
• [✔️] 👷🏻‍♀️ 86 > Designing for Resilience, Redundancy and Reliability
• [✔️] 👷🏻‍♀️ 87 > Zero Downtime Deployments
• [✔️] 👷🏻‍♀️ 88 > Monitoring, Alerting and On-Call
• [✔️] 👷🏻‍♀️ 89 > Oops: When something goes wrong - Post Mortems

2023 wrap up

• [✔️] 🏁 90 > Wrapping up the 2023 edition