Introduction
Learn the purpose, benefits, concepts, and vocabulary of DevSecOps including DevOps security strategies and business benefits.
Course Duration :
2 Days Instructor-Led Classroom Training
This comprehensive course addresses testing in a DevOps environment and covers concepts such as the active use of test automation, testing earlier in the development cycle, and instilling testing skills in developers, quality assurance, security, and operational teams.
The course is relevant for every modern IT professional involved in defining or deploying a DevOps testing strategy for their organization, as test engineering is the backbone of DevOps and the primary key for successful DevOps pipeline to support digital transformation.
Actionable and exciting exercises will be used to apply the concepts covered in the course and sample documents, templates, tools, and techniques will be provided to leverage after the class.
Why DevSecOps?
- Key Terms and Concepts
- 3 Ways to Think About DevOps+Security
- Key Principles of DevSecOps
Culture and Management
- Key Terms and Concepts
- Incentive Model
- Resilience
- Organizational Culture
- Generativity
Strategic Considerations
- How Much Security is Enough?
- Threat Modeling
- Context is Everything
- Risk Management in a High-velocity World
General Security Considerations
- Avoiding the Checkbox Trap
- Basic Security Hygiene
- Architectural Considerations
- Federated Identity
- Log Management
IAM: Identity & Access Management
- IAM Basic Concepts
- Why IAM is Important
- Implementation Guidance
- Automation Opportunities
- How to Hurt Yourself with IAM
Application Security
- Application Security Testing (AST)
- Testing Techniques
- Prioritizing Testing Techniques
- Issue Management Integration
- Threat Modeling
- Leveraging Automation
Operational Security
- Basic Security Hygiene Practices
- Role of Operations Management
- The Ops Environment
Governance, Risk, Compliance (GRC) and Audit
- What is and why care about GRC?
- Rethinking Policies
- Policy as Code
- Shifting Audit Left
- 3 Myths of Segregation of Duties vs. DevOps
Logging, Monitoring, and Response
- Setting Up Log Management
- Incident Response and Forensics
- Threat Intelligence and Information Sharing
On completion of this course, the following learning outcomes will be achieved:
- The purpose, benefits, concepts, and vocabulary of DevSecOps
- How DevOps security practices differ from other security approaches
- Business-driven security strategies
- Understanding and applying data and security sciences
- The use and benefits of Red and Blue Teams
- Integrating security into Continuous Delivery workflows
- How DevSecOps roles fit with a DevOps culture and organization
The target audience for this course are professionals involved in DevSecOps, such as:
- Anyone involved or interested in learning about DevSecOps strategies and automation
- Anyone involved in Continuous Delivery toolchain architectures
- Compliance Team
- Delivery Staff
- DevOps Engineers
- Business Managers
- IT Security Professionals, Practitioners and Managers
- Maintenance and support staff
- Managed Service Providers
- Project & Product Managers
- Quality Assurance Teams
- Release Managers
- Scrum Masters
- Site Reliability Engineers
- Software Engineers
- Testers
Participants who successfully complete the course and pass the examination will be recognized as a certified DevOps Test Engineer (DTE) issued and governed by DevOps Institute. Delegates who do not attain a passing score for the examination would be awarded a course attendance certificate only.
EXAMINATION FORMAT
- 40 Multiple Choice
- 1 mark per correct answer
- 26 marks required to pass (out of 40 available) – 65%
- Ninety minutes duration
- Closed-book
The DevOps Foundation certification is a prerequisite to attending the DevSecOps Engineering course and sitting the certification examination. Familiarity with DevOps definitions and principles are essential.
Related Courses
DevSecOps Engineering
Instructor Led Classroom Training - Thailand
Find out more »DevSecOps Engineering
Instructor Led Classroom Training - Thailand
Find out more »DevSecOps Engineering
Instructor Led Classroom Training - Thailand
Find out more »