Zero-Trust Approach to CI/CD
RCCE students will learn CI/CD pipeline security including build environment hardening, artifact integrity verification, secret management in pipelines, deployment authorization controls, and pipeline audit logging. RCCE students will learn to secure continuous integration and continuous deployment pipelines against supply chain attacks, harden build environments and runners, implement secret scanning to prevent credential leakage, verify artifact integrity through code signing and attestation, configure deployment gates and approval workflows, detect unauthorized pipeline modifications, audit pipeline execution logs for suspicious activity, and respond to incidents involving compromised CI/CD infrastructure. This zero-trust course applies modern security principles including least privilege, continuous verification, and explicit trust evaluation. Starting from foundational concepts, RCCE students will learn to implement zero-trust architectures that assume breach and verify every access request regardless of network location. Students build practical zero-trust implementations that align with organizational security modernization goals.
- Security Engineers building defensive controls
- Security Analysts and Blue Team members
- Systems Administrators with security responsibilities
- GRC and Risk Professionals supporting controls
- Professionals implementing Zero-Trust Approach to CI/CD
- Apply zero-trust principles to privilege decisions and elevation
- Execute hands-on tasks for pipeline security, artifact integrity, and supply chain defense
- Execute hands-on tasks for learning objectives
- Execute hands-on tasks for core skills — covering Secure CI/CD pipelines end-to-end, Harden build environments and runners.
- Execute hands-on tasks for secure ci/cd pipelines end-to-end — covering Harden build environments and runners.
- Execute hands-on tasks for advanced outcomes — covering unauthorized pipeline changes, Audit pipeline execution logs.
- Apply zero-trust principles to privilege decisions and elevation, including Assume breach, verify every request, enforce least privilege at every stage.
- Integrate privilege controls with identity providers and SIEM telemetry
- Execute hands-on tasks for continuous deployment — covering Developers merge code frequently.
- Execute hands-on tasks for ci/cd pipeline components
- Execute hands-on tasks for source control — covering Git repos, branch policies.
- Execute hands-on tasks for artifact store — covering Registry, package repos.
| Module 01 | Zero-Trust Approach to CI/CD |
| Module 02 | Pipeline Security, Artifact Integrity, and Supply Chain Defense |
| Module 03 | Learning Objectives |
| Module 04 | Core Skills |
| Module 05 | Secure CI/CD pipelines end-to-end |
| Module 06 | Advanced Outcomes |
| Module 07 | Zero-Trust Principle |
| Module 08 | Continuous Integration |
| Module 09 | Continuous Deployment |
| Module 10 | CI/CD Pipeline Components |
| Module 11 | Source Control |
| Module 12 | Artifact Store |
| Module 13 | Build System |
| Module 14 | Deploy Engine |
All hands-on labs run on Rocheston Rose X OS. Students practice zero-trust approach to ci/cd by implementing the controls discussed in class, with a focus on real-world deployment, monitoring, and validation.
- Lab 1: Apply zero-trust principles to privilege decisions and elevation
- Lab 2: Execute hands-on tasks for pipeline security, artifact integrity, and supply chain defense
- Lab 3: Execute hands-on tasks for learning objectives
- Lab 4: Execute hands-on tasks for core skills
- Lab 5: Execute hands-on tasks for secure ci/cd pipelines end-to-end
Upon successful completion of this course, students will receive an official RCCE Course Completion Certificate for Zero-Trust Approach to CI/CD, verifiable through the Rocheston certification portal.
- Full access to all course materials and slide decks
- Hands-on lab access on Rocheston Rose X OS environment
- Access to Rocheston CyberNotes
- Access to Rocheston Zelfire — EDR/XDR SIEM platform
- Access to Rocheston Raven — online cyber range exercise platform
- Access to Rocheston Vulnerability Vines AI