Important DevSecOps Tools
Learn DevSecOps essentials: SAST and DAST tools like Bandit, Clean Code, LGTM, OWASP ZAP, and Nikto, plus dependency analysis and IaC security tools. Explore secrets and vulnerability management.
About this course
DevSecOps stands for development, security, and operations, and is used to inject security earlier in the software development life cycle (SDLC). In this course, you will explore the various categories of DevSecOps, starting with static analysis security testing (SAST) and dynamic analysis security testing (DAST). Next, you will discover common SAST and DAST DevSecOps tools including Bandit, Clean Code, looks good to me (LGTM), OWASP Zed Attack Proxy (ZAP), and Nikto, and examine dependency analysis and related dependency analysis tools. Then, you will investigate infrastructure as code (IaC) security and the leading IaC security tools, including Anchore, Clair, Dagda, OpenSCAP, dockscan, and InSpec. Finally, you will find out how secrets management is used to manage passwords, keys, application programming interfaces (APIs), and tokens, and you will identify the benefits of vulnerability management and assessment practices.
Learning objectives
Discover the key concepts covered in this course
Provide an overview of SAST, or static analysis
Describe DAST, or dynamic analysis