Ilaria Digital School
CyberSecurity & DevSecOps Expert: Develop, PenTest, and Deploy Secure Applications
Become a CyberSecurity & DevSecOps Specialist: Understand the risks of an application to prioritize tests and corrections; Conduct a Web/API application Pentest (recognition, tests, proofs) on an authorized perimeter; Identify and validate major vulnerabilities (auth/session, access control, access control, injections, auth/session, access control, access, injection, injection, CSRF, injections, CSRF, injections, CSRF, injections, CSRF, injections, CSRF, injections, CSRF, injections, CSRF, injections, CSRF, injections, CSRF, injections, CSRF, injections, CSRF, injections, CSRF, injection); Mas...
Author
Ilaria Digital School
Category
Podcast website
Latest episode
Jul 10, 2026
Where to listen?
Podcasts in the app Replaio Radio Coming soonPodcasts are coming to the app soon. Install now and be the first to see a whole new take on podcasts
Episodes
Observe an ICMP packet with ping 01.05.2026 15:00
**Theoretical Recap** ICMP (Internet Control Message Protocol) is a network-layer protocol (OSI Layer 3) used primarily for diagnostic and error-reporting purposes. Unlike TCP or UDP, ICMP does not carry application data — it carries control messages...
IP address and packet concepts 30.04.2026 15:00
Now that you are familiar with the basic vocabulary of networks — hosts, links, and packets — it is time to go deeper into two fundamental concepts that underpin virtually every communication on the internet and on private networks: the Internet Prot...
Map your home network 29.04.2026 15:00
**Theoretical Recap** Before diving into the workshop, let's consolidate the core concepts you've encountered so far. A network is made up of hosts (any device with an IP address: computer, smartphone, printer, router, smart TV), links (the physical ...
Basic vocabulary of a network (host, link, packet) 29.04.2026 15:00
Understanding how networks work is the foundation of cybersecurity. Before diving into attack techniques, penetration testing tools, or secure deployment pipelines, you need to be fluent in the basic vocabulary that describes what a network is and ho...
Welcome and chapter goals 28.04.2026 15:00
Welcome to the chapter on Fundamentals of OSI Networks, Protocols, and Models. This chapter is your essential starting point before diving into any cybersecurity or DevSecOps practice. Whether you are aiming to conduct penetration tests, identify vul...
General summary and opening to the next chapter 28.04.2026 15:00
Congratulations on reaching the end of the introductory chapter of this course. Before moving forward, it is essential to consolidate everything you have learned so far and to understand how it connects to what lies ahead. This summary is not simply ...
Workshop: Writing a micro-report on an imaginary bug 27.04.2026 15:00
THEORETICAL RECAP A vulnerability report is the primary deliverable of any security assessment. It transforms technical findings into actionable intelligence for developers, managers, and security teams. A well-structured report answers four essentia...
Workshop: extracting key information from the report 24.04.2026 15:00
**Theoretical Recap** A vulnerability report is a structured document that communicates security findings to both technical and non-technical stakeholders. Understanding how to read and extract key information from such a report is a foundational ski...
Reading a fictional vulnerability report: structure and terminology 23.04.2026 15:00
Understanding how to read a vulnerability report is a foundational skill for anyone entering the field of cybersecurity or DevSecOps. Whether you are reviewing a report produced by a penetration tester, an automated scanning tool, or a security team,...
Step-by-Step Guide: Pre-commit Checklist 23.04.2026 15:00
A pre-commit checklist is a structured list of security and quality checks that every developer must run — or that are automatically triggered — before any piece of code is officially committed to a shared version control repository such as Git. The ...
Mini-project: create a YAML mini-pipeline with commented security steps 22.04.2026 15:00
## Project Overview This mini-project is the capstone activity of the INTRO chapter. Having covered Git security policies, pre-commit hooks, OWASP Top 10, CIA triad, Shift-Left/Shift-Right/Feedback Loop principles, and pipeline security mapping, you ...
Workshop: placing security tests into an existing workflow 21.04.2026 15:00
**Theoretical Recap** Integrating security tests into an existing CI/CD workflow is the operational heart of DevSecOps. The core principle is simple: security checks must not be an afterthought bolted onto the end of a pipeline — they must be embedde...
The three shifts: Shift-Left, Shift-Right, Feedback Loop 21.04.2026 15:00
Security in software development has undergone a profound transformation over the past two decades. Traditionally, security was treated as a final checkpoint: developers would write code, assemble an application, and only at the very end would a secu...
Workshop: mapping the OWASP Top 10 on the pipeline 20.04.2026 15:00
**Theoretical Recap** The OWASP Top 10 is a regularly updated reference document listing the ten most critical web application security risks. It is not a checklist to mechanically tick off, but a risk map that helps teams prioritize where to focus t...
Overview of the OWASP Top 10 17.04.2026 15:00
Before diving into penetration testing techniques or setting up a secure delivery pipeline, every cybersecurity practitioner must understand what they are actually protecting against. The OWASP Top 10 is the most widely recognized reference in web ap...
Printable memo sheet: minimal secure pipeline 17.04.2026 15:00
This memo sheet is designed to consolidate everything you have learned so far into a single, clear, and actionable reference. You have already explored Git fundamentals, branch policies, pre-commit hooks, security concepts such as Confidentiality, In...
Workshop: setting up a basic pre-commit rule 16.04.2026 15:00
**Theoretical Recap** A pre-commit hook is a script that Git executes automatically before finalizing a commit. It acts as a last-line-of-defence gate: if the script exits with a non-zero code, the commit is rejected and the developer is forced to fi...
Secure branch policies: key concepts 15.04.2026 15:00
When you work in a team on a software project, or even alone with a professional pipeline in mind, the way you organize your branches in Git is not a trivial matter. Branches are not just a convenience for parallel development: they are a critical se...
Workshop: simulating a committed secret and correcting it 14.04.2026 15:00
**Theoretical Recap** In the world of DevSecOps, one of the most common and dangerous mistakes a developer can make is accidentally committing a secret — a password, an API key, a database connection string, a private token — directly into a Git repo...
Git and traceability: history at the service of security 14.04.2026 15:00
Git is far more than a simple tool for saving code. When used correctly, it becomes a genuine security instrument, allowing teams to track every change, identify the origin of a vulnerability, and respond quickly to incidents. This course builds dire...
Workshop: first Git manipulations (clone, commit) 13.04.2026 15:00
THEORETICAL RECAP Git is a distributed version control system that tracks changes in files over time. Every project managed with Git lives inside a repository (repo), which stores the full history of modifications. Understanding a few core concepts i...
Very high level introduction to Git as the foundation of the pipeline 10.04.2026 15:00
Git is a version control system. That means it is a tool that tracks every change made to a set of files over time. If you write code, modify a configuration file, or update a script, Git records what changed, when it changed, and who made the change...
Workshop: installing and verifying the lab virtual machine 09.04.2026 15:00
**Theoretical Recap** A virtual machine (VM) is a software emulation of a physical computer. It runs an operating system and applications in an isolated environment, completely separated from your host system. This isolation is fundamental in cyberse...
Prepare your secure test environment (VM, accounts, browser) 09.04.2026 15:00
Before performing any security test, penetration test, or vulnerability analysis, you must set up a dedicated, isolated, and controlled environment. This is not optional. Working directly on your personal machine, using your real accounts, or testing...
Entry ramp summary and personal checklist 08.04.2026 15:00
You have now completed the introductory section of this course on CyberSecurity and DevSecOps. Before moving on to more technical and specialized content, this chapter serves a double purpose: consolidating everything you have learned so far and givi...
Similar podcasts
Replaio is not a podcast publisher; show names, artwork and audio belong to their authors and are distributed through public RSS feeds.