DSO 305 – Automating CI/CD Pipeline Compliance

Course Overview

The adoption of cloud infrastructure and DevOps requires consistent integration of security to achieve a reliable lifecycle of continuous deployment. Integrating compliance into the CI/CD Pipeline requires a coordinated effort by everyone involved in the development pipeline. This course enables learners to automate the implementation of security tasks across the CI/CD pipeline in adherence to compliance requirements.

Upon successful completion of this course, learners will have the knowledge and skills required to meet compliance requirements while developing a DevSecOps mindset, including:

• Automate scanning and reporting tasks to ensure privacy policies, applicable laws, regulations, and service-level agreements are reviewed and documented for compliance regulations
• Identify and document controls owned by outside parties
• Configure change monitors to identify changes to organizational systems and environments of operation that may affect security and privacy risk
• Verify that all control objectives are met, and all key controls are designed and operating effectively