SecurityIntermediate

DevSecOps Essentials

Integrate security into every stage of your pipeline — container scanning, supply chain security, policy enforcement, secrets management, and dependency auditing.

Amara Okafor5 chapters6 hours

Start Course

Chapters

Container Image Scanning with Trivy

Set up Trivy for vulnerability scanning in your CI pipeline and enforce severity-based gates.

Read chapter8 min read

Supply Chain Security with Sigstore and Cosign

Sign and verify container images with keyless signing to prove provenance and integrity.

Read chapter9 min read

OPA Gatekeeper Admission Policies

Write ConstraintTemplates and Constraints to enforce organizational policies at the API server level.

Read chapter10 min read

SOPS Encrypted Secrets for GitOps

Encrypt secrets in Git with Mozilla SOPS so your GitOps workflow never leaks credentials.

Read chapter10 min read

Dependency Vulnerability Scanning in CI

Automate dependency audits in your pipeline to stop shipping known CVEs to production.

Read chapter8 min read