Enterprises
Individuals
Enterprises
Individuals
Menu
Menu
Sign in
Product
Solutions
Pricing
Resources
Learn
Hands-on Labs
Courses
Learning Journeys
Challenges
Cloud Sandboxes
Playgrounds
Measure
Assessments
Tournaments
Certifications
Reports
Integrate
SCORM & LTI
SSO & SCIM
Our Learning Platform
Get Started Today
Book a demo
Get free trial
Contact us
Industries
Manufacturing
Government
Finance
Technology
Healthcare
Defence
Retail
Teams
C-suite
Security Teams
Engineering Teams
For L&D
We’ll help you
Achieve ROI
Achieve Compliance
Reduce Risk
Measurable Increase in Skills
Instructor Led Training
Success Stories
View all
View Enterprise Plans
Resources
E-books
Case studies
Webinars
Blog
Support
AppSecEngineer 101 Guide
Help Center
Discord
Teams
For C-suite
For Engineering Teams
For Product Teams
For L&D
What’s New
View all
How to Successfully Implement Shift-Left Security for Your Organization
Understanding SOC 2 Compliance: A Complete Guide
X
X
X
Beginner

Github Actions for DevSecOps

Step into the Spotlight with AppSec Expertise: Use coupon ‘SKILLUP30’ and get 30% Off on Individual Pro Annual Plans.
Learning Path
DevSecOps
Ideal for
DevOps
Security Engineer
5
Hours
14
Lessons
5
Cloud Labs

GitHub Actions is an API that’s used to automate, customize, and execute software development workflows right in your GitHub repository. Developers and security professionals have found ways to use it to implement automation and CI/CD workflows in DevSecOps.

This course is a deep dive into the use of GitHub Actions in DevSecOps, with practical learning through hands-on labs. We begin with an introduction to both DevSecOps and GitOps. This will transition into a practical segment where you’ll create your own custom GitHub Actions. You’ll even learn to create an Actions-driven workflow for Continuous Integration.

We then explore DevSecOps with GitHub Actions with the help of cookbook-style labs. Here, you’ll implement end-to-end SAST and SCA workflows, as well as automate DAST Checks with GitHub Actions and OWASP ZAP.

This course is a distillation of years of security testing experience, knowledge, and original research across our entire team. We’ve designed our material and labs to reflect real-world techniques and challenges, making it easy for you to gain serious practical experience in automating DevSecOps workflows. When you’ve completed this course, you can implement what you’ve learned in effectively implementing Security in DevOps.

Get STARTED

You might also like these courses

DAST with Jenkins

DAST Automation with OWASP ZAP

SAST with Jenkins

SCA with Jenkins

Source Composition Analysis for DevSecOps

Static Analysis and Code Review for DevSecOps

DevSecOps with Gitlab CI

Nuclei Automation for DevSecOps

Or explore these Learning Paths

AI & LLM Security Learning Path and Collection
Google Cloud Security
Threat Modeling
Kubernetes Security
DevSecOps
Container Security
Azure Security
AWS Security
Advanced Application Security
Application Security Essentials

Labs

Building a Pipeline Github Actions

Scanning Insecure Code with NodeJSScan and Github Actions
Running an NPM Audit in Github Actions

Security Testing with ZAP and GitHub Actions

Container Security Scanning with Github Actions

Course Content

Ready to Elevate Your Security Training?

Empower your teams with the skills they need to secure your applications and stay ahead of the curve.
Get Our Newsletter
Get Started
X
X
QUICK LINKS
Sign InSign UpPrivacy Policy
E-BOOKS
Beginner's Guide to
a Career in AppSecTrain your Teams to Fly
FOLLOW APPSECENGINEER
CONTACT

Contact Support

help@appsecengineer.com

68 Circular Road, #02-01, 049422, Singapore

Copyright AppSecEngineer © 2023