Security and Compliance in Azure Pipelines
IaC scanning, secret detection, SAST, deployment gates and compliance remediation in Azure Pipelines.
The answer is a layered security pipeline (defense in depth) that intercepts these issues at each stage, well before they reach production.
Sign in to read this course
A free account unlocks all 514 courses. 20 are readable without one.
What's inside
11 sections- 1 Table of Contents
- 2 Introduction to Pipeline Security
- 3 IaC Scanning with PSRule
- 4 Gitleaks – Secret Detection
- 5 SAST – Static Application Security Testing
- 6 Deployment Gates and Environments
- 7 Remediation with Azure Policy
- 8 Compliance Reports and Alerts
- 9 Complete Security Pipeline
- 10 Comparative Tables
- 11 Glossary
More Azure DevOps & IaC courses
View all 9AZ-400: Designing and Implementing Microsoft DevOps Solutions
The full AZ-400 blueprint — source control, pipelines, artifacts, IaC, security and monitoring.
AZ-400: Build and Release Pipelines
Create and configure YAML pipelines, testing strategies, deployments, package management and IaC.
AZ-400: Source Control
Git workflows, Azure Repos and GitHub, branching strategies and data recovery.
AZ-400: Security and Compliance
Shift-left security, GitHub Advanced Security, Key Vault, OIDC workload identity and container scanning.
AZ-400: Processes and Communications
DevOps workflow, flow of work, traceability, dashboards, metrics and a culture of collaboration.
Azure Repos and Build Automation with Pipelines
Source control with Azure Repos, YAML pipelines, pull requests, tests and Azure Artifacts.
Interested in this course?
Contact us to book it or get a custom training plan for your team.