Certified and Advanced Degree
Computer Instructors and Consultants
Course Catalog
Building a DevSecOps Practice
Code: DevSecOps
Duration: 3 Day
$2270 USD

OVERVIEW

DevSecOps is a branch of DevOps that focuses on automating Security and integrating it into the process, such as Continuous Delivery, Infrastructure-as-Code (IaC), and observability. DevSecOps speeds the delivery of safer code, but it also helps developers get early feedback on their work, producing more reliable software. This course examines integrating DevSecOps practices into the software delivery pipeline using open-source tools. This course is for software developers, site reliability engineers, and DevOps workers who want to write more secure code in a shorter amount of time.

DELIVERY FORMAT

This course is available in the following formats:

Virtual Classroom

Duration: 3 Day
Classroom

Duration: 3 Day

CLASS SCHEDULE

Delivery Format: Virtual Classroom
Date: May 20 2024 - May 22 2024 | 08:30 - 16:30 EDT
Location: Online
Course Length: 3 Day

$ 2270

Delivery Format: Virtual Classroom
Date: Sep 04 2024 - Sep 06 2024 | 08:30 - 16:30 EDT
Location: Online
Course Length: 3 Day

$ 2270

Delivery Format: Virtual Classroom
Date: Nov 25 2024 - Nov 27 2024 | 08:30 - 16:30 EST
Location: Online
Course Length: 3 Day

$ 2270

GOALS
  • Examine Agile methodologies are driving the new DevSecOps field
  • Understand what "Shift Left" means relative to DevSecOps
  • Identify the leading "players" in a DevSecOps practice and learn why the leading players might have differing and complementary) agendas.
  • Compare and contrast different types of Security such as implied, explicit, and continuous
  • Examine differing points of contention between traditional Security and IT forensic teams and more modern and progressive DevSecOps Teams
  • Learn about different work strategies, focusing on getting disparate DevOps and security teams and their respective stakeholders "on the same page."
  • Learn about Cloud-Native Security, and different cloud deployment security considerations
  • Examine ways of securing applications and building secure systems
  • Demonstrate how to secure build systems
  • Identify vulnerability patterns in various modern cloud deployment strategies
  • Analyze and plan for all phases of security planning from concept through project maintenance and retirement
  • Develop and execute a DevSecOps security plan
  • Design, plan and use DevSecOps monitoring and logging.
  • Understand how Artificial Intelligence is impacting IT Security and DevSecOps
  • Identify DevSecOps vendors, providers, and tools
OUTLINE

  1. DevSecOps in a Nutshell
    • SecDevOps in a Nutshell Or DevOps Security in a Nutshell.
    • A Very Brief Introduction to DevOps and Security
    • DevSecOps, SecDevOps, DevOps Security Defined
    • Activity Major DevSecOps Players: Regulators, Stakeholders, Developers, Operations, IT Security, Auditors, Leadership
    • Shifting DevOps Security "Left" (like other agile practices)
    • Continuous Security, implied Security, explicit Security
    • Points of Contention between traditional Security Teams (InfoSec) and DevSecOps Teams
  2. DevSecOps in Practice
    • App Security Basics: authorization and access, auditing and logging, confidentiality or privacy, system, and data integrity.
    • Focus on data: platform data, database data, application data
    • Identity management for Dummies: IAM, permissions, and management
    • Mindset shift to DevSecOps: shift left
  3. Living with DevSecOps
    • DevSecOps Testing and Monitoring
    • Artificial Intelligence and DevSecOps
    • Major DevSecOps Vendors and Solutions
  1. DevSecOps in a Nutshell
    • SecDevOps in a Nutshell Or DevOps Security in a Nutshell.
    • A Very Brief Introduction to DevOps and Security
    • DevSecOps, SecDevOps, DevOps Security Defined
    • Activity Major DevSecOps Players: Regulators, Stakeholders, Developers, Operations, IT Security, Auditors, Leadership
    • Shifting DevOps Security "Left" (like other agile practices)
    • Continuous Security, implied Security, explicit Security
    • Points of Contention between traditional Security Teams (InfoSec) and DevSecOps Teams
  2. DevSecOps in Practice
    • App Security Basics: authorization and access, auditing and logging, confidentiality or privacy, system, and data integrity.
    • Focus on data: platform data, database data, application data
    • Identity management for Dummies: IAM, permissions, and management
    • Mindset shift to DevSecOps: shift left
  3. Living with DevSecOps
    • DevSecOps Testing and Monitoring
    • Artificial Intelligence and DevSecOps
    • Major DevSecOps Vendors and Solutions
LABS

Will Be Updated Soon!
Will Be Updated Soon!
WHO SHOULD ATTEND
  • Software developers
  • Site reliability engineers
  • DevOps workers
PREREQUISITES

A working understanding of industry-standard DevOps practices. A learner attending this course should be familiar with the basic tenets of agile and modern IT development and deployment methodologies. While not necessarily an expert in these concepts, learners should be comfortable with their principles. Also, a learner should have a keen and curious ambition about IT security. Security professionals attending the course may or may not have a DevOps background.