Open
Labels: documentation (Improvements or additions to documentation), enhancement (New feature or request)
Description
Summary
The DevSecOps roadmap (/roadmap/devsecops) currently has 30+ skills across 6 milestones, but most skills don't have "Start Learning" links to guides like the Junior DevOps roadmap does.
Current State
Only 6 skills have links (to existing checklists):
- Linux Security Basics → /checklists/ssh-hardening
- Pipeline Hardening → /checklists/cicd-pipeline-setup
- Image Security → /checklists/docker-security
- Kubernetes Security → /checklists/kubernetes-security
- IAM Best Practices → /checklists/aws-security
- Security Monitoring → /checklists/monitoring-observability
Skills Needing Learning Guides
Milestone 1: Security Fundamentals
- Security Principles (CIA triad, defense in depth, least privilege, zero trust) ✅ /guides/security-principles (PR docs: Add Security Principles guide #752)
- OWASP Top 10 (web application security risks) ✅ /guides/owasp-top-10 (PR docs: Add OWASP Top 10 guide #753)
- Threat Modeling (STRIDE, DREAD, attack trees) ✅ /guides/threat-modeling (PR feat: Add Threat Modeling guide for DevSecOps roadmap #812)
- Cryptography Essentials (encryption, hashing, TLS/SSL, PKI) ✅ /guides/cryptography-essentials (PR feat: Add Cryptography Essentials guide #813)
Milestone 2: Secure Development
- Secure Coding Practices (input validation, output encoding, error handling) ✅ /guides/secure-coding-practices (PR feat: Add Secure Coding Practices guide #814)
- SAST Tools (SonarQube, Semgrep, CodeQL) ✅ /guides/sast-tools (PR feat: Add SAST Tools guide for DevSecOps roadmap #815)
- Dependency Scanning (Snyk, Dependabot, npm audit) ✅ /guides/dependency-scanning (PR feat: Add Dependency Scanning guide #816)
- Pre-commit Hooks (gitleaks, detect-secrets, pre-commit framework) ✅ /guides/pre-commit-hooks (PR feat: Add Pre-commit Hooks guide #818)
- Code Review for Security (security-focused code review techniques) ✅ /guides/code-review-security (PR feat: Add Code Review for Security guide #819)
Milestone 3: CI/CD Security
- Secrets Management (HashiCorp Vault, AWS Secrets Manager, SOPS) ✅ /guides/secrets-management (PR feat: Add Secrets Management guide #822)
- Pipeline Hardening ✅ /guides/pipeline-hardening (PR feat: Add Pipeline Hardening guide #820)
- DAST Integration (OWASP ZAP, Burp Suite)
- Supply Chain Security (SBOM, Sigstore, SLSA framework)
- Security Gates (quality gates, break builds on vulnerabilities)
Milestone 4: Container Security
- Container Runtime Security (Seccomp, AppArmor, non-root users)
- Runtime Threat Detection (Falco, Sysdig, Aqua)
- Service Mesh Security (mTLS, Istio, Linkerd)
Milestone 5: Cloud Security
- Infrastructure as Code Security (Checkov, tfsec, KICS)
- Cloud Security Posture (CSPM, Prowler, ScoutSuite)
- Data Protection (encryption at rest/in transit, key management)
- Network Security (VPCs, security groups, WAF, DDoS)
Milestone 6: Security Operations
- Incident Response (playbooks, runbooks, tabletop exercises)
- Vulnerability Management (tracking, prioritization, remediation)
- Compliance Automation (policy as code, audit trails)
- Security Metrics (KPIs, dashboards, reporting)
Acceptance Criteria
- Each skill should have a dedicated guide page at /guides/<skill-slug>
- Guide should include:
  - Overview/introduction
  - Key concepts
  - Practical examples/code snippets
  - Hands-on exercises
  - Further reading
- Update app/roadmap/devsecops/page.tsx to add link property to each skill
Progress
Completed: 11/25 guides
- Milestone 1: 4/4 ✅
- Milestone 2: 5/5 ✅
- Milestone 3: 2/5
- Milestone 4: 0/3
- Milestone 5: 0/4
- Milestone 6: 0/4
Related
- DevSecOps Roadmap PR: feat: Add DevSecOps roadmap #749
- Issue Feature: DevSecOps Roadmap #732 (original DevSecOps roadmap feature request)