7878 Reviews star_rate star_rate star_rate star_rate star_half

Fundamentals of DevSecOps

DevSecOps (Development, Security, and Operations) is an approach to culture, automation, and platform design that integrates security as a shared responsibility throughout the entire Software...

By Request

Course Code FUND-DEVSECOPS

Duration 2 days

Available Formats Classroom

Enter your Email to Download Full Course Details

DevSecOps (Development, Security, and Operations) is an approach to culture, automation, and platform design that integrates security as a shared responsibility throughout the entire Software Development Life Cycle (SDLC). This DevSecOps Fundamentals training course teaches attendees how to prioritize security and compliance in their workflows.

Skills Gained

Have a thorough understanding of DevSecOps
Implement a process where products and services have safety and security incorporated into the architecture
Architect DevSecOps strategies and automation

Prerequisites

All participants must have attended DevOps Fundamentals or have comparable experience implementing basic DevOps principles.

Course Details

Outline

Introduction

DevSecOps Origin and Evolution

DevOps beginnings
DevSecOps values and manifestos
CALMS and SaC (security as code)
DevSecOps and the Three Ways
DevSecOps outcomes

The Security- and Cyber-Threat Landscape

Cyber Thread Industrial Landscape
Threat definition
Source of threats
Outcomes and results
Threat (type) models
STRIDE
MITRE ATT and CK
Who/what do we protect from?
Published common flaws
OWASP top ten
EU agency cybersecurity rankings
Threat actors and agents
What do we protect?
protection metrics
continuous compliance

Building a DevSecOps Model

Responsiveness
How, what, to/from whom?
KPI(s): Key Performance Indicators
Redesigning change management
DevSecOps maturity and implementation model
Resilience through responsiveness
Building a (compliant) model
Outcomes

DevSecOps Safety Culture

DevSecOps "state of mind" and practices
The Trust Algorithm
Definition of a safety culture
Westrum and Laloux typologies
DevSecOps stakeholders
Types
Collaboration
Governance

DevSecOps Best Practices

Current assessment
Continuous security map/definition
Security in the DevOps flow
Practices and (shift security left) outcomes
Security and the CI/CD pipeline
Cloud and container security
The target state
Artifact, risk, identity, access, and secrets management
Perils of a DevOps pipeline
Building a secure DevOps pipeline
SAST / DAST / IAST / RASP tools
Continuous compliance
SIEM (security information and event management)

Learning DevSecOps

The Third Way (continuous experimentation and learning)
Security training (as policy)
DevSecOps Dojos
Security Chaos Engineering and gamification
Learning through experiences, innovation, retrospectives
Continuous learning forever

Conclusion

Read Less

0 options available

There are currently no scheduled dates for this course. If you are interested in this course, request a course date with the links above. We can also contact you when the course is scheduled in your area.

Request Other Date Request On-site Course

When does class start/end?

Classes begin promptly at 9:00 am, and typically end at 5:00 pm.

Does the course schedule include a Lunchbreak?

Lunch is normally an hour long and begins at noon. Coffee, tea, hot chocolate and juice are available all day in the kitchen. Fruit, muffins and bagels are served each morning. There are numerous restaurants near each of our centers, and some popular ones are indicated on the Area Map in the Student Welcome Handbooks - these can be picked up in the lobby or requested from one of our ExitCertified staff.

How can someone reach me during class?

If someone should need to contact you while you are in class, please have them call the center telephone number and leave a message with the receptionist.

What languages are used to deliver training?

Most courses are conducted in English, unless otherwise specified. Some courses will have the word "FRENCH" marked in red beside the scheduled date(s) indicating the language of instruction.

What does GTR stand for?

GTR stands for Guaranteed to Run; if you see a course with this status, it means this event is confirmed to run. View our GTR page to see our full list of Guaranteed to Run courses.

How do I find an ExitCertified training location?

We have training locations across the United States and Canada. View a full list of classroom training locations.

Which delivery formats are available?

At ExitCertified we offer training that is Instructor-Led, Online, Virtual and Self-Paced.

Does ExitCertified deliver group training?

Yes, we provide training for groups, individuals and private on sites. View our group training page for more information.

What does vendor-authorized training mean?

As a vendor-authorized training partner, we offer a curriculum that our partners have vetted. We use the same course materials and facilitate the same labs as our vendor-delivered training. These courses are considered the gold standard and, as such, are priced accordingly.

Is the training too basic, or will you go deep into technology?

It depends on your requirements, your role in your company, and your depth of knowledge. The good news about many of our learning paths, you can start from the fundamentals to highly specialized training.

How up-to-date are your courses and support materials?

We continuously work with our vendors to evaluate and refresh course material to reflect the latest training courses and best practices.

Are your instructors seasoned trainers who have deep knowledge of the training topic?

ExitCertified instructors have an average of 27 years of practical IT experience. They have also served as consultants for an average of 15 years. To stay up to date, instructors will at least spend 25 percent of their time learning new emerging technologies and courses.

Do you provide hands-on training and exercises in an actual lab environment?

Lab access is dependent on the vendor and the type of training you sign up for. However, many of our top vendors will provide lab access to students to test and practice. The course description will specify lab access.

Will you customize the training for our company’s specific needs and goals?

We will work with you to identify training needs and areas of growth. We offer a variety of training methods, such as private group training, on-site of your choice, and virtually. We provide courses and certifications that are aligned with your business goals.

How do I get started with certification?

Getting started on a certification pathway depends on your goals and the vendor you choose to get certified in. Many vendors offer entry-level IT certification to advanced IT certification that can boost your career. To get access to certification vouchers and discounts, please contact customerexp@exitcertified.com.

Will I get access to content after I complete a course?

You will get access to the PDF of course books and guides, but access to the recording and slides will depend on the vendor and type of training you receive.

How to request a W9 for ExitCertified LLC?

View our filing status and how to request a W9.

Concise and good to follow along. Although it is a lot to take in under a short period of time.

ExitCertified Student

ExitCertified

I was very satisfied about how the course was organized. Sean Did a very good work

Maximilien Belinga Belinga

ExitCertified

Great class I learned a great deal from the material. There would seem to a large amount that I need to learn about.

William Driver

ExitCertified

Great and very intuitive. Better than the traditional hit the wrong button/lose points.

ExitCertified Student

ExitCertified

The training was good but needed the basic skills of maximo before getting deep in the configuration of it.

Manish Patel

ExitCertified

Fundamentals of DevSecOps

Overview

Schedule

FAQ

Reviews

Skills Gained

Prerequisites

Course Details

Outline

When does class start/end?

Does the course schedule include a Lunchbreak?

How can someone reach me during class?

What languages are used to deliver training?

What does GTR stand for?

How do I find an ExitCertified training location?

Which delivery formats are available?

Does ExitCertified deliver group training?

What does vendor-authorized training mean?

Is the training too basic, or will you go deep into technology?

How up-to-date are your courses and support materials?

Are your instructors seasoned trainers who have deep knowledge of the training topic?

Do you provide hands-on training and exercises in an actual lab environment?

Will you customize the training for our company’s specific needs and goals?

How do I get started with certification?

Will I get access to content after I complete a course?

How to request a W9 for ExitCertified LLC?

Alert!

Modal Title

Error!

Default Title

Prompt

Confirm

Login

Fundamentals of DevSecOps

Overview

Schedule

FAQ

Reviews

Skills Gained

Prerequisites

Course Details

Outline

Upcoming Course Dates

Drag & Drop a File Here

When does class start/end?

Does the course schedule include a Lunchbreak?

How can someone reach me during class?

What languages are used to deliver training?

What does GTR stand for?

How do I find an ExitCertified training location?

Which delivery formats are available?

Does ExitCertified deliver group training?

What does vendor-authorized training mean?

Is the training too basic, or will you go deep into technology?

How up-to-date are your courses and support materials?

Are your instructors seasoned trainers who have deep knowledge of the training topic?

Do you provide hands-on training and exercises in an actual lab environment?

Will you customize the training for our company’s specific needs and goals?

How do I get started with certification?

Will I get access to content after I complete a course?

How to request a W9 for ExitCertified LLC?

Alert!

Modal Title

Error!

Default Title

Prompt

Confirm

Login