DSO 305 - Automating CI/CD Pipeline Compliance
The adoption of cloud infrastructure and DevOps requires consistent integration of security to achieve a reliable lifecycle of continuous deployment. Integrating compliance into the CI/CD Pipeline requires a coordinated effort by everyone involved in the development pipeline. This course enables learners to automate the implementation of security tasks across the CI/CD pipeline in adherence to compliance requirements.
Upon successful completion of this course, learners will have the knowledge and skills required to meet compliance requirements while developing a DevSecOps mindset, including:
- Automate scanning and reporting tasks to ensure privacy policies, applicable laws, regulations, and service-level agreements are reviewed and documented for compliance regulations
- Identify and document controls owned by outside parties
- Configure change monitors to identify changes to organizational systems and environments of operation that may affect security and privacy risk
- Verify that all control objectives are met, and all key controls are designed and operating effectively