AZ-400: Implement security and validate code bases for compliance

DevOps Engineer
Security Engineer
Security Operations Analyst
Service Adoption Specialist
Solution Architect
Technology Manager
Azure Artifacts
Azure Boards
Azure Cloud Services
Azure DevOps
Azure Pipelines
Azure Repos
Azure Test Plans

This learning path explores an infrastructure and configuration strategy and appropriate toolset for a release pipeline and application infrastructure. It explains compliance and security implementation in your application infrastructure.



Modules in this learning path

This module introduces DevSecOps concepts, SQL injection attacks, threat modeling, and security for continuous integration.

This module explores open-source software and corporate concerns with software components. Also, it explains common open-source licenses, license implications, and ratings.

This module explains Composition Analysis, how to inspect and validate code bases for compliance, integration with security tools, and integration with Azure Pipelines.

This module introduces the static analyzers SonarCloud and CodeQL in GitHub.

This module explores OWASP and Dynamic Analyzers for penetration testing, results, and bugs.

This module describes security monitoring and governance with Microsoft Defender for Cloud and its usage scenarios, Azure Policies, Microsoft Defender for Identity, and security practices related to the tools.