DevSecOps Tutorial for Beginners | CI Pipeline with GitHub Actions and Docker Scout
TechWorld with Nana
@techworldwithnanaAbout
Helping millions of engineers to advance their careers with DevOps & Cloud education 💙 I create new videos every month, topics include mainly DevOps and Cloud tutorials. Subscribe and activate bell notification so you don't miss new videos :) I'm a Docker Captain, AWS Container Hero 🤓 💪 ► https://www.techworld-with-nana.com/ Some topics covered: - Docker - Kubernetes - CI/CD - GitLab CI, GitHub Actions, Jenkins - Python - Ansible - Prometheus Monitoring - Terraform - YAML - & more! Have fun watching my videos! 🙂
Latest Posts
Video Description
DevSecOps Project | DevSecOps Pipeline for Python project with GitHub Actions - SAST Scan & Container Image Scanning | Discover security vulnerabilities of Python application in CI pipeline 💜 4-month DevSecOps Bootcamp: https://bit.ly/3RaK8KP 💙 6-month DevOps Bootcamp: https://bit.ly/483Iott #devsecops #githubactions #techworldwithnana 🙌 Thanks Progress for supporting this video! 🙌 Automate and Enforce Compliance with Chef: https://prgress.co/chef-compliance DevSecOps is a set of practices, concepts and tools that combines software development (Dev), security (Sec), and IT operations (Ops) into a single, integrated process. The goal of DevSecOps is to incorporate security into every stage of the software development lifecycle, from design and development to testing and deployment, rather than treating security as a separate and isolated concern. ▬▬▬▬▬▬ L I N K S 🔗▬▬▬▬▬▬ ► OWASP vulnerable Python app: https://owasp.org/www-project-pygoat ► Forked project: https://github.com/nanuchi/devsecops-crash-course-pygoat ► Docker Scout Links: - Docker Scout: https://docs.docker.com/scout/ - Docker Scout CLI: https://docs.docker.com/engine/reference/commandline/scout/ - Docker Scout GitHub Action: https://github.com/docker/scout-action ▬▬▬▬▬▬ Course Pre-Requisites ▬▬▬▬▬▬ 💡 DevOps, GitHub Actions, CI/CD Basics 👉 GitHub Actions Tutorial: https://youtu.be/R8_veQiYBjI 👉 What is DevSecOps in 8 minutes: https://youtu.be/nrhxNNH5lt0 ▬▬▬▬▬▬ What you’ll learn in this DevSecOps crash course ✅ ▬▬▬▬▬▬ ► Understanding why DevSecOps concept emerged ► What is DevSecOps ► How DevSecOps works in practice ► DevSecOps Concepts and tools ► Understand what SAST, SCA, DAST, Secret Scanning, Container Image Scanning is ► DevSecOps Concepts and tools ► DevSecOps Demo: Build DevSecOps Pipeline with GitHub Actions ► How to configure SAST Scan with Bandit ► How to configure Container Image Scanning with Docker Scout ► How to generate scan reports ► How to analyze scan reports ► Next Steps to continue your DevSecOps Learning ▬▬▬▬▬▬ T I M E S T A M P S ⏰ ▬▬▬▬▬▬ 00:00 - Intro and Course Overview 01:06 - Importance of Security 06:43 - Before DevSecOps: Security as Afterthought 07:36 - What is DevSecOps 09:40 - How DevSecOps works in Practice: DevSecOps Tools 15:51 - Shifting Security Left 19:19 - DevSecOps DEMO 19:26 - Demo Overview 21:05 - Workflow Templates 22:55 - Configure SAST Scan 31:25 - Analyze scan results 35:18 - Ignore Low Severity Issues 37:40 - Generate Scan Report 44:00 - Configure Image Scanning with Docker Scout 57:27 - Analyze scan results 01:04:12 - Reuse existing GitHub Action for Docker Scout 01:12:57 - Where to go from here 01:16:45 - Next Steps - Cloud and Kubernetes Security ▬▬▬▬▬▬ Connect with me 👋 ▬▬▬▬▬▬ INSTAGRAM ► https://bit.ly/2F3LXYJ TWITTER ► https://bit.ly/3i54PUB LINKEDIN ► https://bit.ly/3hWOLVT Facebook group ► https://bit.ly/32UVSZP
Upgrade Your Gear
AI-recommended products based on this video
Osprey unisex-adult Daylite Expdbl Travel Pack 26+6Travel Pack Bluesign
G5 Magnetic Mini Flashlight - 400 Lumens Rechargeable EDC Flashlight with 180° Rotation & Dual Light, IP68 Waterproof Thin Design -1.47×2.44 Inch Camping Light for Outdoor, Home, Car Repair(Black)
G5 Rechargeable EDC Flashlight, 400 Lumens Portable Flat Mini Flashlights, 180° Rotation Magnetic Keychain Flashlight, Mini Portable Design for Outdoor, Emergency & Daily Carry (Green)
G5 Flashlight - G5 Rechargeable EDC Flashlight, G5 Pocket-Sized LED Light 400 Lumens, 180° Rotation Dual Light IP68 Waterproof Magnetic Mini Flashlight for Outdoor, Emergency & Daily Carry (Green)
Anker USB C Charger Cable (6ft 100W, 2Pack), USB 2.0 Type C Fast Charging Cable for iPhone 15 / 15Pro / 15Plus / 15ProMax MacBook Pro 2020, iPad Pro 2020, iPad Air 4, Samsung Galaxy S23+/S23 Ultra ClimatePartner certified
![Anker USB C Cable, [2-Pack, 6 ft] Type C Charger Premium Nylon USB Cable, USB A to Type C Charging Cable Fast Charge for Samsung Galaxy S10 S10+ / Note 8, LG V20 and Other USB C Charger (Black)](https://m.media-amazon.com/images/I/71N7xhCJnoL._AC_UL960_FMwebp_QL65_.jpg)
Anker USB C Cable, [2-Pack, 6 ft] Type C Charger Premium Nylon USB Cable, USB A to Type C Charging Cable Fast Charge for Samsung Galaxy S10 S10+ / Note 8, LG V20 and Other USB C Charger (Black)
Anker Nano USB C Wall Charger,45W Fast Charging Smart Display Charger,with 180°Foldable Plug,Smart Recognition,Built-in Care Mode,for iPhone17/16/15 (Non-Battery,One USB-C Port,No Cable Included) ClimatePartner certified
MOSISO 360 Protective Laptop Bag 15 inch, 15 inch Computer Shoulder Bag Compatible with MacBook Air 15 M4 M3 M2 2025-2023, Dell XPS 15, Side Open Messenger Case &4 Zipper Pockets&Handle, Black Global Recycled Standard
WINDARS WINDARS Backpack for School Girls, Cute High School Backpacks for Teens Women Student Large Bookbag 15.6 Inch Laptop Bag with USB Charger Port for College Work Travel Trip (Beige Khaki)
RAINSMORE Laptop Bag for Women 15.6 inch Laptop Tote Bag Leather Large Capacity Work Tote Bag Waterproof Business Office Computer Bag Women Travel Handbag Shoulder Bag, Pink
