GitLab Security Essentials Training
This class covers all of the essential security capabilities of GitLab, including Static Application Security Testing, secret detection, Dynamic Application Security Testing, dependency scanning, container scanning, API security, and compliance. Since most of these features are only available for customers with an Ultimate license, this course is intended for Ultimate customers only.
Ce que vous allez apprendre
- Shift security left and right
- Choose security scanners
- Leverage vulnerability management and vulnerability reports
- Use security best practices
- Solve problems with SAST
- Use best practices for implementing SAST scanners
- Solve problems with secret detection
- Use best practices for implementing secret detection scanners
- View vulnerabilities in merge requests, vulnerability reports, and pipeline reports
- Use best practices for triaging vulnerabilities
- Use AI to resolve vulnerabilities
- Solve problems with dependency scanning
- Use best practices for implementing dependency scanners
- Solve problems with IaC scanning
- Use best practices for implementing IaC scanners
- Solve problems with container scanning
- Use best practices for implementing container scanners
- Solve problems with API security
- Use best practices for implementing API security
- Solve problems with DAST
- Use best practices for implementing DAST scanners
- Solve problems with operational container scanning
- Use best practices for implementing operational container scanners
- Align with common compliance standards
- Identify and enforce compliance requirements
- Track security-related actions
- Gather audit events for processing
- Control what can be pushed to a repository
Prérequis
- GitLab Fundamentals course or equivalent knowledge
- GitLab CI/CD course or equivalent knowledge
- Knowledge of Git, GitLab, or GitLab CI/CD
Public cible
- Project managers, developers, DevSecOps engineers, and security specialists who are using GitLab with the Ultimate license
Programme de la Formation
8 modules pour maîtriser les fondamentaux
Sujets abordés
- →Shift security left and right
- →Choose security scanners
- →Leverage vulnerability management and vulnerability reports
- →Use security best practices
Quality Process
SFEIR Institute's commitment: an excellence approach to ensure the quality and success of all our training programs. Learn more about our quality approach
- Lectures / Theoretical Slides — Presentation of concepts using visual aids (PowerPoint, PDF).
- Technical Demonstration (Demos) — The instructor performs a task or procedure while students observe.
- Guided Labs — Guided practical exercises on software, hardware, or technical environments.
The achievement of training objectives is evaluated at multiple levels to ensure quality:
- Continuous Knowledge Assessment : Verification of knowledge throughout the training via participatory methods (quizzes, practical exercises, case studies) under instructor supervision.
- Progress Measurement : Comparative self-assessment system including an initial diagnostic to determine the starting level, followed by a final evaluation to validate skills development.
- Quality Evaluation : End-of-session satisfaction questionnaire to measure the relevance and effectiveness of the training as perceived by participants.
Prochaines sessions
Aucune date ne vous convient ?
Nous organisons régulièrement de nouvelles sessions. Contactez-nous pour connaître les prochaines dates disponibles ou pour organiser une session à la date de votre choix.
S'inscrire à une date personnaliséeFormer plusieurs collaborateurs
- Tarifs dégressifs (plusieurs places)
- Session privée ou sur-mesure
- En présentiel ou à distance