Free
Course

Important DevSecOps Tools

Learn DevSecOps essentials: SAST and DAST tools like Bandit, Clean Code, LGTM, OWASP ZAP, and Nikto, plus dependency analysis and IaC security tools. Explore secrets and vulnerability management.

Start

  • Skill level

    Intermediate

  • Time to complete

    Approx. 1 hour

  • Certificate of completion

    Yes

About this course

DevSecOps stands for development, security, and operations, and is used to inject security earlier in the software development life cycle (SDLC). In this course, you will explore the various categories of DevSecOps, starting with static analysis security testing (SAST) and dynamic analysis security testing (DAST). Next, you will discover common SAST and DAST DevSecOps tools including Bandit, Clean Code, looks good to me (LGTM), OWASP Zed Attack Proxy (ZAP), and Nikto, and examine dependency analysis and related dependency analysis tools. Then, you will investigate infrastructure as code (IaC) security and the leading IaC security tools, including Anchore, Clair, Dagda, OpenSCAP, dockscan, and InSpec. Finally, you will find out how secrets management is used to manage passwords, keys, application programming interfaces (APIs), and tokens, and you will identify the benefits of vulnerability management and assessment practices.

Learning objectives

  • Discover the key concepts covered in this course
  • Provide an overview of sast, or static analysis
  • Describe dast, or dynamic analysis
Meet the creator of the course
View on LinkedIn
Sven Batalla
Product Owner/Scrum Master
Sven Batalla is a software management professional with 20+ years of experience in managing multi-million dollar projects for Fortune 500 clients. His entire career has centered around team communication and efficiency. With certifications in Agile methodologies, Sven has proven adept at all aspects of the software development lifecycle, including design, architecture, and managing people, budgets, schedules, quality, and other deliverables.
View on LinkedIn

How it works

Expert-led videos

In this course, you'll watch videos created by industry-leading experts for some of the biggest tech companies in the world. They'll cover key concepts, go through sample applications, prepare you for industry certifications, and more. Watch on any device — whenever and wherever you want — to learn at your own pace.
Start

Reviews from learners

  • Very well put together as usual. I learn so much from each experience with Codecademy. I can't explain how satisfied I am with this institution.
    David W
    Verified Learner
  • Everything Codecademy offers is useful for all software developers.
    Fidan M
    Verified Learner
  • I thought that I would never be able to learn to code but Codecademy has made it very easy. I just love it!
    Adyan H
    Verified Learner

Our learners work at

  • Google Logo
  • Meta Logo
  • Apple Logo
  • EA Logo
  • Amazon Logo
  • IBM Logo
  • Microsoft Logo
  • Reddit Logo
  • Spotify Logo
  • Uber Logo
  • YouTube Logo
  • Instagram Logo

How to Break Into Cybersecurity Without a Degree

Cory Stieg
Jul 9, 2025

This past year, the job market saw 514,359 listings from public and private employers, all hunting for cybersecurity specialists or tech talent with serious cybersecurity skills.

As tech continues to transform our lives, more people are needed to defend these technologies and keep up with their advancements, says Okey Obudulu, Chief Information Security Officer (CISO) for Skillsoft, the company that Codecademy is proud to be part of. “The blatant attacks on companies’ networks have led more and more companies to really get serious around the demand for cybersecurity professionals,” he says.

Continue reading

Join over 50 million learners and start Important DevSecOps Tools today!

Start

Looking for something else?

Related courses and paths

  • Free course

    DevSecOps Methodologies

    Explore DevSecOps methodology: Discover frameworks like CALMs and Three Ways, integration of security, migration strategies from DevOps to DevSecOps, and DevSecOps phases and decentralization.
    • Intermediate.
      1 hour
  • Free course

    DevSecOps Principles: From DevOps to DevSecOps

    Learn DevSecOps Fundamentals: Explore the roles of DevOps and DevSecOps in IT. Understand benefits, requirements, and challenges. Discover industry applications and team preparation steps.
    • Intermediate.
      1 hour
  • Free course

    DevSecOps On-premises

    Learn DevSecOps on-premises: Compare on-premises, cloud, and hybrid solutions, understand DevSecOps team roles, and focus on the three pillars of DevSecOps.
    • Intermediate.
      2 hours

Browse more topics

View full catalog

Unlock additional features with a paid plan

  • Portfolio projects

    Create professional projects you can share with recruiters to showcase your skills and experience.

  • Job-readiness checker

    Evaluate how well you meet the requirements for any job description based on your skills and experience.

  • Certificate of completion

    Earn a document you can share with your network to prove that you’ve completed this course.
See pricing and plans