As companies are pushing code faster and more often than ever, the rate of vulnerabilities in our systems is accelerating. As we are being asked to do more with less, DevOps has shown immense value to business and security as an integral component that needs to be integrated into the strategy. Topics covered in the course include how DevSecOps provides the business value of DevOps and the ability DevOps has to enable the business and support an organisational transformation with the ultimate goal of increasing productivity, reducing risk, and optimising cost in the organisation. This course explains how DevOps security practices differ from other security approaches and provides the education needed to understand and apply data and security sciences. Participants learn the purpose, benefits, concepts, and vocabulary of DevSecOps; particularly how DevSecOps roles fit with a DevOps culture and organisation. At the end of this course, participants will understand using “security as code” with the intent of making security and compliance consumable as a service. The course is designed to teach practical steps on how to integrate security programs into DevOps practices and highlights how professionals can use data and security science as the primary means of protecting the organisation and customer.

On completion of this course, the following learning outcomes will be achieved:

• The purpose, benefits, concepts, and vocabulary of DevSecOps
• How DevOps security practices differ from other security approaches
• Business-driven security strategies
• Understanding and applying data and security sciences
• The use and benefits of Red and Blue Teams
• Integrating security into Continuous Delivery workflows
• How DevSecOps roles fit with a DevOps culture and organisation.

The target audience for this course are professionals involved in DevSecOps, such as:

• Anyone involved or interested in learning about DevSecOps strategies and automation
• Anyone involved in Continuous Delivery toolchain architectures
• Compliance Team
• Delivery Staff
• DevOps Engineers
• Business Managers
• IT Security Professionals, Practitioners and Managers
• Maintenance and support staff
• Managed Service Providers
• Project & Product Managers
• Quality Assurance Teams
• Release Managers
• Scrum Masters
• Site Reliability Engineers
• Software Engineers
• Testers.

Participants who successfully complete the course and pass the examination will be recognized as DevSecOps Foundation (DSOF) certified which issued and governed by DevOps Institute. Delegates who do not attain a passing score for the examination would be awarded a course attendance certificate only.
EXAMINATION FORMAT

• 40 Multiple Choice
• 1 mark per correct answer
• 26 marks required to pass (out of 40 available) – 65%
• Sixty minutes duration
• Web-based open-book examination.

There are no prerequisites to attending the DevSecOps Foundation course or sitting the certification examination. Familiarity with DevOps definitions and principles are essential.