Skip to content
/ ssc Public

A repository with training material for a Secure Supply Chain Course

License

Notifications You must be signed in to change notification settings

3r1co/ssc

Repository files navigation

Introduction

This training material is part of the Secure Supply Chain Course of ISEN Toulon.

The course takes place over four days and intends to give students an overview of all technologies that are revolving around Continuous Integration and Delivery with a special focus on "cloud" technologies.

Day 1

  1. Prerequisites
  2. Docker Lab
  3. Kubernetes Lab
  4. Getting Started on Github
  5. Github Actions
  6. CI with Github Actions and Docker

Day 2

  1. Getting Started with AWS
  2. Cloudformation Deployment
  3. Deploy Containers with ECS
  4. Cloudformation Linting
  5. EKS deployment

Day 3

  1. Juice Shop
  2. Static Code Analysis
  3. 3rd Party Dependency Check
  4. Container Vulnerability Scanning
  5. Dynamic Application Security Scanning

Day 4

  1. Jenkins CI Server
  2. Build Docker with Jenkins and Kaniko
  3. Kubernetes Pod Security Policies
  4. Kubernetes Network Security Policies
  5. Write your own Gitub Action
  6. DefectDojo