Prerequisites
Author: Damien Burks
Overview​
Before diving into the core concepts and theories of DevSecOps, it's important to build a solid foundation with some essential background knowledge. The topics/concepts that I am going to recommend will be extremely beneficial for you to understand, because it's the foundational pieces of DevSecOps.
Concepts You'll Need To Know​
You should check out this video below, and look at everything in the table before proceeding:
Concept | Reason(s) You Need To Know It | Resources |
---|---|---|
DevOps | Grasp the principles of DevOps, including the culture of collaboration, automation, and continuous integration/continuous deployment (CI/CD). A solid understanding of DevOps practices is crucial as DevSecOps builds on these foundations by integrating security into the development process. | |
Linux and Bash Scripting | Familiarity with Linux is essential, as it's a common environment in DevSecOps workflows. You'll need to know how to navigate the Linux command line, manage files and processes, and automate tasks using Bash scripting. This knowledge will be key as you begin to secure and automate processes within your infrastructure. | |
Programming Concepts | A basic understanding of programming is necessary for DevSecOps. You'll be working with various scripts, tools, and automation processes that require coding skills. Whether you're familiar with Python, Java, or another language, being comfortable with programming concepts will enable you to create and manage secure, automated workflows effectively. | |
Networking | Understanding the basics of networking is vital for securing and managing infrastructure. You'll need to know about IP addressing, DNS, firewalls, and common protocols (HTTP, HTTPS, FTP). This knowledge will help you configure and secure networks, which is a critical aspect of DevSecOps practices. | |
Basic Security Concepts | A solid grasp of fundamental security concepts is essential. This includes knowledge of encryption, authentication, access control, and common security threats like malware and phishing. Understanding these concepts will enable you to identify potential vulnerabilities and implement security measures to protect your infrastructure and applications. |