Sonatype

×
Sign In

Lesson Category: DevSecOps

How Are Your Open Source Software Components Being Managed (Or Not)?

According to the 2019 DevSecOps Community Survey, nearly 40% of software development organizations with 100 developers or less believe their current infosec teams/processes are slowing them down; nearly 53% of software development organizations with more than 5000 developers believe their current infosec teams/processes are slowing them down. When integral security processes are at odds with …

How Are Your Open Source Software Components Being Managed (Or Not)? Read More »

Course Summary

Congratulations!You have completed this course.  You are now able to: Define DevSecOps, an extension of DevOps, which includes “pushing quality closer to the source” and “shifting security left” in the software development lifecycle (SDLC). Explain why DevSecOps is relevant for all modern software development organizations. List three ways legacy security processes can produce unintended outcomes for …

Course Summary Read More »

Exercise

In Lesson 1, What is DevSecOps?, you were introduced to the term DevSecOps, learned how legacy security processes can often prevent DevSecOps principles from taking hold, and learned a few key practices that organizations operating with a DevSecOps approach might take to integrate security in their SDLC. In Lesson 2, Why DevSecOps?, you learned why …

Exercise Read More »

Summary – Lesson 2

You have completed Lesson 2.  You are now able to: Understand the concept of a software supply chain, its risks, and how it applies to modern software development. List three ways legacy security processes can produce unintended outcomes for software developers. Present three compelling reasons that adopting a DevSecOps process makes good business sense for …

Summary – Lesson 2 Read More »

Lesson 3 Title DevSecOps100

By the end of this lesson, you will be able to: Objective Statement One Objective Statement Two Objective Statement Three <Heading Title> Content for heading ^^^ <Heading Title> Content for heading ^^^ Add and remove as needed Review this video to …

Summary – Lesson 1

You have completed Lesson 1.  You are now able to: Define DevSecOps, an extension of DevOps, which includes “pushing quality closer to the source” and “shifting security left” in the software development lifecycle (SDLC). Explain one cultural reason why DevSecOps principles may not always be easy to put into practice. List three practices that organizations …

Summary – Lesson 1 Read More »

Prioritizing OSS Component Management in Your DevSecOps Strategy

Objectives By the end of this lesson, you will be able to: Explain the concept of a software supply chain, its risks, and how it applies to modern software development. List three ways legacy security processes can produce unintended outcomes for software developers. Present three compelling reasons that adopting a DevSecOps process makes good business …

Prioritizing OSS Component Management in Your DevSecOps Strategy Read More »

Welcome to DevSecOps 100

This course will help familiarize you with the term DevSecOps, help you understand how it applies to software development, and demonstrate how DevSecOps benefits your organization. Questions for Reflection Consider the following questions. There are no right or wrong answers, just a few questions for reflection before you learn more about the benefits of DevSecOps. …

Welcome to DevSecOps 100 Read More »