Abstract

This subject will provide an overview of integrating security practices into the software development lifecycle using the Development, Security and Operations (DevSecOps) approach. Students will learn and apply a range of topics including chain of trust, Linux security, container security, open-source dependency security, application security testing and monitoring.

Syllabus

Introduction to DevSecOps
Chain of trust: Secure boot, Operating System, Containers and Patching
Open source dependency security and compliance
Application security testing and monitoring

Learning outcomes

Upon successful completion of this subject, students should:
1. describe the principles of DevSecOps and how to integrate security into the software development lifecycle;
2. describe the chain of trust and how to cryptographically ensure secure boot, operating system, containers and patching;
3. demonstrate understanding of open-source dependency security and compliance and how to secure open-source libraries;
4. demonstrate security testing and how to integrate it into the development process.

Assumed knowledge

ITC106 Programming Principles

Enrolment restrictions

Only available to students in the Bachelor of Information Technology and the Bachelor of Computer Science. Students from these courses must be invited by the Course Director to enrol in this subject.

Learning resources

Additional resources required by students

Subject site, video lectures, online resources