Skip to content

3r1co/ssc

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

50 Commits

.github/workflows

.github/workflows

 
 

.vscode

.vscode

 
 

docs

docs

 
 

.gitignore

.gitignore

 
 

Dockerfile

Dockerfile

 
 

Jenkinsfile

Jenkinsfile

 
 

LICENSE

LICENSE

 
 

default.conf

default.conf

 
 

docker-config.yaml

docker-config.yaml

 
 

mkdocs.yml

mkdocs.yml

 
 

Repository files navigation

Introduction

This training material is part of the Secure Supply Chain Course of ISEN Toulon.

The course takes place over four days and intends to give students an overview of all technologies that are revolving around Continuous Integration and Delivery with a special focus on "cloud" technologies.

Day 1

  1. Prerequisites
  2. Docker Lab
  3. Kubernetes Lab
  4. Getting Started on Github
  5. Github Actions
  6. CI with Github Actions and Docker

Day 2

  1. Getting Started with AWS
  2. Cloudformation Deployment
  3. Deploy Containers with ECS
  4. Cloudformation Linting
  5. EKS deployment

Day 3

  1. Juice Shop
  2. Static Code Analysis
  3. 3rd Party Dependency Check
  4. Container Vulnerability Scanning
  5. Dynamic Application Security Scanning

Day 4

  1. Jenkins CI Server
  2. Build Docker with Jenkins and Kaniko
  3. Kubernetes Pod Security Policies
  4. Kubernetes Network Security Policies
  5. Write your own Gitub Action
  6. DefectDojo

About

A repository with training material for a Secure Supply Chain Course

3r1.co/ssc

Topics

docker kubernetes aws security devops cloudformation actions sonarqube ecs pip clair cicd arachni owasp-zap owasp-dependencycheck devsecops cfn-nag klar eks

Resources

Readme

License

MIT license
Activity

Stars

3 stars

Watchers

3 watching

Forks

3 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages