AZ 400: Implement security and validate code bases for compliance
- Offered byMicrosoft
AZ 400: Implement security and validate code bases for compliance at Microsoft Overview
Duration | 1 hour |
Total fee | Free |
Mode of learning | Online |
Schedule type | Self paced |
Difficulty level | Advanced |
Official Website | Explore Free Course |
Credential | Certificate |
AZ 400: Implement security and validate code bases for compliance at Microsoft Course details
- Introduction to Secure DevOps
- Implement open-source software
- Software Composition Analysis
- Static analyzers
- OWASP and Dynamic Analyzers
- Security Monitoring and Governance
- This learning path explores an infrastructure and configuration strategy and appropriate toolset for a release pipeline and application infrastructure
- It explains compliance and security implementation in your application infrastructure
- This course introduces DevSecOps concepts, SQL injection attacks, threat modeling, and security for continuous integration
- This course explores open-source software and corporate concerns with software components
- This course explains Composition Analysis, how to inspect and validate code bases for compliance, integration with security tools, and integration with Azure Pipelines
- This course describes security monitoring and governance with Microsoft Defender for Cloud and its usage scenarios, Azure Policies, Microsoft Defender for Identity, and security practices related to the tools
AZ 400: Implement security and validate code bases for compliance at Microsoft Curriculum
Introduction to Secure DevOps
Introduction
Describe SQL injection attack
Understand DevSecOps
Explore Secure DevOps Pipeline
Explore key validation points
Explore continuous security validation
Understand threat modeling
Exercise threat modeling
Knowledge check
Summary
Implement open-source software
Introduction
Explore how software is built
What is open-source software
Explore corporate concerns with open-source software components
Introduction to open-source licenses
Explore common open-source licenses
Examine license implications and ratings
Knowledge check
Summary
Software Composition Analysis
Introduction
Inspect and validate code bases for compliance
Explore software composition analysis
Integrate WhiteSource with Azure DevOps pipeline
Implement GitHub Dependabot alerts and security updates
Integrate software composition analysis checks into pipelines
Examine tools for assess package security and license rate
Interpret alerts from scanner tools
Implement Security and Compliance in an Azure Pipeline
Knowledge check
Summary
Static analyzers
Introduction
Explore SonarCloud
Explore CodeQL in GitHub
Manage technical debt with SonarCloud and Azure DevOps
Knowledge check
Summary
OWASP and Dynamic Analyzers
Introduction
Plan Implement OWASP Secure Coding Practices
Explore OWASP ZAP penetration test
Explore OWASP ZAP results and bugs
Knowledge check
Summary
Security Monitoring and Governance
Introduction
Implement pipeline security
Explore Microsoft Defender for Cloud
Examine Microsoft Defender for Cloud usage scenarios
Explore Azure Policy
Understand policies
Explore initiatives
Explore resource locks
Explore Azure Blueprints
Understand Microsoft Defender for Identity
Knowledge check
Summary