CI/CD Deep Dive: Field Guide
RCCE students will learn CI/CD pipeline security including build environment hardening, artifact integrity verification, secret management in pipelines, deployment authorization controls, and pipeline audit logging. RCCE students will learn to secure continuous integration and continuous deployment pipelines against supply chain attacks, harden build environments and runners, implement secret scanning to prevent credential leakage, verify artifact integrity through code signing and attestation, configure deployment gates and approval workflows, detect unauthorized pipeline modifications, audit pipeline execution logs for suspicious activity, and respond to incidents involving compromised CI/CD infrastructure. This deep-dive course provides comprehensive technical coverage that goes beyond surface-level understanding. At an expert level, RCCE students will learn to master the nuances, edge cases, and advanced configurations that separate competent practitioners from true experts. Students will engage with complex real-world scenarios and gain the depth of knowledge required to troubleshoot difficult situations, mentor junior team members, and make architectural decisions with confidence.
- Security Engineers building defensive controls
- Security Analysts and Blue Team members
- Systems Administrators with security responsibilities
- GRC and Risk Professionals supporting controls
- Professionals implementing CI/CD Deep Dive: Field Guide
- Execute hands-on tasks for ci/cd deep dive: field guide
- Execute hands-on tasks for advanced cyber defense mastery
- Execute hands-on tasks for pipeline security
- Execute hands-on tasks for artifact integrity
- Explain Executive Overview: CI/CD Pipeline Security fundamentals — covering Why CI/CD Security Matters.
- Execute hands-on tasks for secured pipeline advantages — covering Malicious code injected into production, Immutable build provenance and.
- Design a scalable privilege management architecture with policy and enforcement
- Execute hands-on tasks for build environment hardening
- Execute hands-on tasks for hardening principles
- Execute hands-on tasks for key controls — covering Ephemeral build environments (destroy after use), Disable SSH/RDP access to build runners.
- Execute hands-on tasks for cloud-hosted runners
- Execute hands-on tasks for self-hosted runners
| Module 01 | CI/CD Deep Dive: Field Guide |
| Module 02 | Advanced Cyber Defense Mastery |
| Module 03 | Pipeline Security |
| Module 04 | Artifact Integrity |
| Module 05 | Executive Overview: CI/CD Pipeline Security |
| Module 06 | Secured Pipeline Advantages |
| Module 07 | CI/CD Pipeline Architecture & Components |
| Module 08 | Build Environment Hardening |
| Module 09 | Hardening Principles |
| Module 10 | Key Controls |
| Module 11 | Cloud-Hosted Runners |
| Module 12 | Self-Hosted Runners |
| Module 13 | Secret Exposure |
| Module 14 | Secret Management in CI/CD Pipelines |
All hands-on labs run on Rocheston Rose X OS. Students practice ci/cd deep dive: field guide by implementing the controls discussed in class, with a focus on real-world deployment, monitoring, and validation.
- Lab 1: Execute hands-on tasks for ci/cd deep dive: field guide
- Lab 2: Execute hands-on tasks for advanced cyber defense mastery
- Lab 3: Execute hands-on tasks for pipeline security
- Lab 4: Execute hands-on tasks for artifact integrity
- Lab 5: Explain Executive Overview: CI/CD Pipeline Security fundamentals
Upon successful completion of this course, students will receive an official RCCE Course Completion Certificate for CI/CD Deep Dive: Field Guide, verifiable through the Rocheston certification portal.
- Full access to all course materials and slide decks
- Hands-on lab access on Rocheston Rose X OS environment
- Access to Rocheston CyberNotes
- Access to Rocheston Zelfire — EDR/XDR SIEM platform
- Access to Rocheston Raven — online cyber range exercise platform
- Access to Rocheston Vulnerability Vines AI