Introduction

Learn the purpose, benefits, concepts, and vocabulary of DevSecOps including DevOps security strategies and business benefits.

Course Duration :

2 Days Instructor-Led Classroom Training

Synopsis
Outline
Objectives
Audience
Certification & Exam Info
Prerequisites
Synopsis

This comprehensive course addresses testing in a DevOps environment and covers concepts such as the active use of test automation, testing earlier in the development cycle, and instilling testing skills in developers, quality assurance, security, and operational teams.

The course is relevant for every modern IT professional involved in defining or deploying a DevOps testing strategy for their organization, as test engineering is the backbone of DevOps and the primary key for successful DevOps pipeline to support digital transformation.

Actionable and exciting exercises will be used to apply the concepts covered in the course and sample documents, templates, tools, and techniques will be provided to leverage after the class.

Outline

Why DevSecOps?

  • Key Terms and Concepts
  • 3 Ways to Think About DevOps+Security
  • Key Principles of DevSecOps

Culture and Management

  • Key Terms and Concepts
  • Incentive Model
  • Resilience
  • Organizational Culture
  • Generativity

Strategic Considerations

  • How Much Security is Enough?
  • Threat Modeling
  • Context is Everything
  • Risk Management in a High-velocity World

General Security Considerations

  • Avoiding the Checkbox Trap
  • Basic Security Hygiene
  • Architectural Considerations
  • Federated Identity
  • Log Management

IAM: Identity & Access Management

  • IAM Basic Concepts
  • Why IAM is Important
  • Implementation Guidance
  • Automation Opportunities
  • How to Hurt Yourself with IAM

Application Security

  • Application Security Testing (AST)
  • Testing Techniques
  • Prioritizing Testing Techniques
  • Issue Management Integration
  • Threat Modeling
  • Leveraging Automation

Operational Security

  • Basic Security Hygiene Practices
  • Role of Operations Management
  • The Ops Environment

Governance, Risk, Compliance (GRC) and Audit

  • What is and why care about GRC?
  • Rethinking Policies
  • Policy as Code
  • Shifting Audit Left
  • 3 Myths of Segregation of Duties vs. DevOps

Logging, Monitoring, and Response

  • Setting Up Log Management
  • Incident Response and Forensics
  • Threat Intelligence and Information Sharing
Objectives

On completion of this course, the following learning outcomes will be achieved:

  • The purpose, benefits, concepts, and vocabulary of DevSecOps
  • How DevOps security practices differ from other security approaches
  • Business-driven security strategies
  • Understanding and applying data and security sciences
  • The use and benefits of Red and Blue Teams
  • Integrating security into Continuous Delivery workflows
  • How DevSecOps roles fit with a DevOps culture and organization
Audience

The target audience for this course are professionals involved in DevSecOps, such as:

  • Anyone involved or interested in learning about DevSecOps strategies and automation
  • Anyone involved in Continuous Delivery toolchain architectures
  • Compliance Team
  • Delivery Staff
  • DevOps Engineers
  • Business Managers
  • IT Security Professionals, Practitioners and Managers
  • Maintenance and support staff
  • Managed Service Providers
  • Project & Product Managers
  • Quality Assurance Teams
  • Release Managers
  • Scrum Masters
  • Site Reliability Engineers
  • Software Engineers
  • Testers
Certification & Exam Info

Participants who successfully complete the course and pass the examination will be recognized as a certified DevOps Test Engineer (DTE) issued and governed by DevOps Institute. Delegates who do not attain a passing score for the examination would be awarded a course attendance certificate only.

EXAMINATION FORMAT

  • 40 Multiple Choice
  • 1 mark per correct answer
  • 26 marks required to pass (out of 40 available) – 65%
  • Ninety minutes duration
  • Closed-book
Prerequisites

The DevOps Foundation certification is a prerequisite to attending the DevSecOps Engineering course and sitting the certification examination. Familiarity with DevOps definitions and principles are essential.

Related Courses

DevSecOps Engineering

Instructor Led Classroom Training - Malaysia

Find out more »
Malaysia, Kuala Lumpur, Malaysia
+ Google Map

DevSecOps Engineering

Instructor Led Classroom Training - Singapore

Find out more »
Singapore, 228149 Singapore
+ Google Map

DevSecOps Engineering

Instructor Led Classroom Training - Thailand

Find out more »
Thailand, Bangkok Thailand
+ Google Map

Download Brochure