• Understand the core principles of DevSecOps and how they integrate into modern software delivery pipelines.
• Set up a complete learning environment using Google Cloud Platform, Kubernetes (GKE), and essential DevOps tools.
• Build a secure CI/CD pipeline using Jenkins, Helm, Docker, and Kubernetes.
• Implement Software Composition Analysis (SCA) using OWASP Dependency-Check, Pyraider, and Dependency-Track to identify and manage third-party risks.
• Apply Static Application Security Testing (SAST) using tools like slscan and integrate them into your CI/CD pipeline.
• Conduct Dynamic Application Security Testing (DAST) using OWASP ZAP during deployment stages to catch runtime vulnerabilities.
• Harden container images using Dockle, Trivy, and multi-stage Dockerfiles to reduce the attack surface.
• Manage sensitive credentials and enforce secure secrets injection using HashiCorp Vault with Kubernetes.
• Enforce system-level compliance and infrastructure hardening using InSpec and Ansible as Compliance-as-Code tools.
• Secure Kubernetes workloads by implementing security contexts, Pod security policies, resource limits, and runtime scanning tools like Falco.
• Build and deploy AI/ML and containerized applications securely using GitOps practices with ArgoCD.
• Automate runtime anomaly detection and remediation using Falco and Argo Workflows.
• Understand the Software Bill of Materials (SBOM) and integrate SBOM generation into your pipeline.
• Design an end-to-end secure DevOps pipeline for real-world applications, from code to production, with continuous security monitoring.

Are you building or deploying applications on Kubernetes? Whether you’re a DevOps Engineer, Platform Engineer, or AI/ML Engineer, security can no longer be an afterthought.

This hands-on DevSecOps Bootcamp will help you build secure, production-ready CI/CD pipelines using open-source tools and industry best practices. Learn how to integrate security across the software development lifecycle and ensure your applications are secure by design.

We will walk you through step-by-step labs that combine Jenkins, Kubernetes, ArgoCD, Vault, Trivy, Falco, OWASP ZAP, and other essential tools used in modern DevSecOps workflows.

This course is ideal for teams building cloud-native applications, AI/ML models, or any containerized workload that needs to be deployed securely at scale.

What You Will Learn:

• Core DevSecOps principles and the secure software delivery lifecycle

• How to build a CI/CD pipeline with Jenkins on Kubernetes

• Software Composition Analysis (SCA) using OWASP Dependency-Check, Pyraider, and Dependency-Track

• Static and Dynamic Application Security Testing (SAST & DAST) using slscan and OWASP ZAP

• Securing container images using Trivy, Dockle, and multi-stage Dockerfiles

• Enforcing compliance as code using InSpec and Ansible

• Secrets management using HashiCorp Vault and Kubernetes RBAC

• Runtime security monitoring using Falco with automated response pipelines

• Secure deployment workflows with GitOps using ArgoCD and Kubernetes

Tools and Technologies You Will Use:

• Jenkins, Helm, Kubernetes (GKE), ArgoCD

• Trivy, Dockle, OWASP ZAP, slscan, Pyraider

• Vault, InSpec, Ansible, Falco, Argo Workflows

• Docker, Kubernetes RBAC, GitHub, GitOps

Who Should Take This Course:

• DevOps and Cloud Engineers who want to add security to their toolbelt

• AI/ML Engineers deploying models and services on Kubernetes

• Platform Engineers managing modern microservices at scale

• Security Engineers transitioning to DevSecOps practices

• Developers building containerized applications for production

This is not a theoretical course. You will be working on real-world labs and projects that simulate what modern engineering teams do to secure their software pipelines in production environments.

Whether you’re deploying a machine learning model, a microservice, or a SaaS product — this course will help you ensure that your deployments are secure, scalable, and compliant.

Who this course is for:

• DevOps, Cloud, and Platform Engineers looking to build secure delivery pipelines.
• AI/ML Engineers deploying models and services on Kubernetes or in production environments.
• Developers who want to integrate security into their DevOps workflows.
• Security professionals and SREs transitioning into DevSecOps roles.
• Anyone responsible for deploying, securing, and maintaining modern applications at scale.