Overview
The DevOps ideology and its emphasis on collaboration between operations, development, testing and support during software development has helped organizations keep up with markets expectations of rapid product rollouts and continuous service. DevOps transformations are enthusiastically adopted by organizations considering the business benefits, but for it to be successful it is important to integrate security as well in every stage of the software development.
DevSecOps is the part of DevOps that emphasises on embedding security early on in the development thus minimizing risk. The DevSecOps Foundation (DSOF)℠ course and the subsequent certification by the DevOps Institute provides candidates the training to understand and apply data and security sciences and the practical steps on integrating security programs into DevOps practices.
KnowledgeHut’s workshop helps you learn the purpose, benefits, concepts, and vocabulary of DevSecOps, how DevSecOps roles fit with a DevOps culture and organization and how to use data and security science as the primary means of protecting the organization and customer. You will get thorough training for appearing for the exams in the form of case studies, real life scenarios and courseware. Enroll now and gain the DevSecOps Foundation (DSOF)℠ certification to usher in DevSecOps into the DevOps culture and organization.
What you will learn
What is DevSecOps: The purpose, benefits, concepts, and vocabulary of DevSecOps
Benefits: How DevOps security practices differ from other security approaches
DevOps for business: Business-driven security strategies
Hands on: Understanding and applying data and security sciences
DevSecOps groups: The use and benefits of Red and Blue Teams
Workflow security: Integrating security into Continuous Delivery workflows
Integration: How DevSecOps roles fit with a DevOps culture and organization
Prerequisites
Although there are no formal prerequisites for the exam, DevOps Institute highly recommends the following to prepare candidates for the exam leading to the DevSecOps Foundation (DSOF)℠ certification:
- It is recommended that candidates complete at least 16 contact hours (instruction and labs) as part of a formal, approved training course delivered by an accredited Education Partner of DevOps Institute
Who Should Attend
- Those interested in DevSecOps strategies and automation
- Anyone involved in Continuous Delivery toolchain architectures
- Compliance Team
- Delivery Staff
- DevOps Engineers
- IT Managers
- IT Security Professionals, Practitioners, and Managers
- Maintenance and support staff
- Managed Service Providers
- Project & Product Managers
- Quality Assurance Teams
- Release Managers
- Scrum Masters
- Site Reliability Engineers
- Software Engineers
- Testers
Knowledgehut Experience
INSTRUCTOR-LED LIVE CLASSROOM
Interact with instructors in real-time— listen, learn, question and apply. Our instructors are industry experts and deliver hands-on learning.
CURRICULUM DESIGNED BY EXPERTS
Our courseware is always current and updated with the latest tech advancements. Stay globally relevant and empower yourself with the latest tools and training.
LEARN THROUGH DOING
Learn theory backed by practical case studies, exercises and coding practice. Get skills and knowledge that can be effectively applied in the real world.
MENTORED BY INDUSTRY LEADERS
Learn from the best in the field. Our mentors are all experienced professionals in the fields they teach.
ADVANCE FROM THE BASICS
Learn concepts from scratch, and advance your learning through step-by-step guidance on tools and techniques.
CODE REVIEWS BY PROFESSIONALS
Get reviews and feedback on your final projects from professional developers.
Curriculum
Course Introduction
- Course Goals
- Course Agenda
- Exercise: Diagramming Your CI/CD Pipeline
Why DevSecOps?
- Key Terms and Concepts
- Why DevSecOps is important
- 3 Ways to Think About DevOps+Security
- Key Principles of DevSecOps
Culture and Management
- Key Terms and Concepts
- Incentive Model
- Resilience
- Organizational Culture
- Generativity
- Erickson, Westrum, and LaLoux
- Exercise: Influencing Culture
Strategic Considerations
- Key Terms and Concepts
- How Much Security is Enough?
- Threat Modeling
- Context is Everything
- Risk Management in a High-velocity World
- Exercise: Measuring For Success
General Security Considerations
- Avoiding the Checkbox Trap
- Basic Security Hygiene
- Architectural Considerations
- Federated Identity
- Log Management
IAM: Identity & Access Management
- Key Terms and Concepts
- IAM Basic Concepts
- Why IAM is Important
- Implementation Guidance
- Automation Opportunities
- How to Hurt Yourself with IAM
- Exercise: Overcoming IAM Challenges
Application Security
- Application Security Testing (AST)
- Testing Techniques
- Prioritizing Testing Techniques
- Issue Management Integration
- Threat Modeling
- Leveraging Automation
Operational Security
- Key Terms and Concepts
- Basic Security Hygiene Practices
- Role of Operations Management
- The Ops Environment
- Exercise: Adding Security to Your CI/CD Pipeline
Governance, Risk, Compliance (GRC) and Audit
- Key Terms and Concepts
- What is GRC?
- Why Care About GRC?
- Rethinking Policies
- Policy as Code
- Shifting Audit Left
- 3 Myths of Segregation of Duties vs. DevOps
- Exercise: Making Policies, Audit and Compliance Work with DevOps
Logging, Monitoring, and Response
- Key Terms and Concepts
- Setting Up Log Management
- Incident Response and Forensics
- Threat Intelligence and Information Sharing
Course Review
- Where We Started
- What We Covered
- Key Reminders of What’s Important
- Exercise: Creating a Personal Action Plan
Exam Preparations
- Exam Requirements, Question Weighting, and Terminology List
- Sample Exam Review
Faq
The Course
This course and certification is beneficial to:
- Those interested in DevSecOps strategies and automation
- Anyone involved in Continuous Delivery toolchain architectures
- Compliance Team
- Delivery Staff
- DevOps Engineers
- IT Managers
- IT Security Professionals, Practitioners, and Managers
- Maintenance and support staff
- Managed Service Providers
- Project & Product Managers
- Quality Assurance Teams
- Release Managers
- Scrum Masters
- Site Reliability Engineers
- Software Engineers
- Testers
By the end of the course you will learn the purpose, benefits, concepts and vocabulary of DevSecOps including DevOps security strategies and aligning them to business benefits.
Participants need to be DevOps Foundation certified to take this course.
Yes, KnowledgeHut offers this training online.
Your instructors are DevOps certified experts who have years of industry experience.
Finance Related
Any registration cancelled within 48 hours of the initial registration will be refunded in FULL (please note that all cancellations will incur a 5% deduction in the refunded amount due to transactional costs applicable while refunding) Refunds will be processed within 30 days of receipt of written request for refund. Kindly go through our Refund Policy for more details: https://www.knowledgehut.com/refund-policy
KnowledgeHut offers a 100% money back guarantee if the candidate withdraws from the course right after the first session. To learn more about the 100% refund policy, visit our Refund Policy.
The Remote Experience
In an online classroom, students can log in at the scheduled time to a live learning environment which is led by an instructor. You can interact, communicate, view and discuss presentations, and engage with learning resources while working in groups, all in an online setting. Our instructors use an extensive set of collaboration tools and techniques which improves your online training experience.
Internet Connectivity (2Mbps Link) and Laptop/PC (Windows/Mac) with 4GB RAM.
reviews on our popular courses
The learning methodology put it all together for me. I ended up attempting projects I’ve never done before and never thought I could.
Lea Kirsten
Senior Developer KnowledgrHut’s Front-End Developer Bootcamp helped me acquire all the skills I require. The learn-by-doing method helped me gain work-like experience and helped me work on various projects.
Emma Smith
Front-End Engineer The learning methodology put it all together for me. I ended up attempting projects I’ve never done before and never thought I could.
Matt Davis
Senior Developer The learning system set up everything for me. I wound up working on projects I've never done and never figured I could.
Tyler Wilson
Full-Stack Expert Everything from the course structure to the trainer and training venue was excellent. The curriculum was extensive and gave me a full understanding of the topic. This training has been a very good investment for me.
Jules Furno
Cloud Software and Network Engineer My special thanks to the trainer for his dedication and patience. I learned many things from him. I would also thank the support team for their help. It was well-organised, great work Knowledgehut team!
Mirelle Takata
Network Systems Administrator I had enrolled for the course last week at KnowledgeHut. The course was very well structured. The trainer was really helpful and completed the syllabus on time and also provided real world examples which helped me to remember the concepts.
York Bollani
Computer Systems Analyst. Knowledgehut is the best platform to gather new skills. Customer support here is very responsive. The trainer was very well experienced and helped me in clearing the doubts clearly with examples.