DevSecOps for .NET Core

ΓÇïChapter 1: Modern Software EngineeringChapter Goal: This chapter will outline the modern software engineering principles and introduce DevOps as well as requirements and responsibilities of a software engineering team to publish quality software.
No of pages 20
Sub -Topics
1. Software Design
2. Solutions on the Internet
3. Multicultural Customers
4. Changing Market
5. Security and Compliance Requirements
Chapter 2: DevOps with Security Chapter Goal: This is a practical topic and discusses DevOps pipelines as a mode of automation for software production and outlines important tasks in DevOps where automation can inject security principles to improve product quality.
No of pages: 20-25
Sub - Topics
1. DevOps in a Nutshell
2. Securing Software
3. Quality Assurance
4. Pre-commit testing
5. HTTP vs SSH
Chapter 3: Writing Secure Code Chapter Goal: This chapter discusses the development phase of DevOps pipeline and outlines how to improve software quality and decrease friction in later stages by preventing known vulnerabilities and code flaws before hand. During this chapter we will explore code issues such as SQL Injection prevention, Cross-site scripting, and other similar issues.
No of pages : 45
Sub - Topics:
1. Write Less, Write Secure
2. Developer Training
3. Runtime Selection and Configuration
4. Microservices: Separation of Concerns
5. Authentication in Services

Chapter 4: Automating Everything as Code Chapter Goal: We discuss the steps necessary to make security, compliance, audit, and UX automated to decrease decoupling and friction in the departments, and introduce key factors that help improve build and hosting environments, which will be discussed in detail in later chapter.
No of pages:40-45
Sub - Topics:
1. Version Control and Audit
2. Hosted Code Storage
3. Infrastructure as Code
4. Automating Security
5. Compliance and Policies
6. Risk and Bugs Analysis

Chapter 5: Securing Build Systems for DevOps Chapter Goal: In this chapter we demonstrate the CI phase of DevOps and utilize our build systems; hosted and on-premises, to apply security and compliance checks throughout the task, we apply code analysis methods to verify quality of product and discusses different approaches to host package archives for deployment.
No of pages: 45
1. On-Premises vs Hosted CI/CD
2. Code Analysis Methods
3. Archive Caching and Hashing
4. Automated Deployments

Chapter 6: Automating Production Environments for Quality Chapter Goal: This chapter focuses on production hosting environments and their security, such as container and host platform security, network ports scanning, firewall and application gateways to prevent unauthorized access. We also explore how to extract sensitive information out of source code and configuration files using external services to improve privacy.
No of pages: 40
1. Host Platforms