📋 DevSecOps Cheat Sheet

Security integration patterns for DevOps pipelines in AZ-400.

Shift-Left Security

  • SAST (Static Analysis): scan source code for vulnerabilities during CI.
  • DAST (Dynamic Analysis): test running applications for security issues.
  • SCA (Software Composition Analysis): scan dependencies for known CVEs.
  • Secret scanning: detect committed secrets and credentials in repositories.

Compliance

  • Pipeline gates: enforce security scanning before deployment promotion.
  • SBOM (Software Bill of Materials): track all components and dependencies.
  • Credential rotation: automate secret rotation with Key Vault policies.
  • Audit trails: pipeline logs and approvals provide deployment compliance evidence.
