Overview
The DevOps ideology and its emphasis on collaboration between operations, development, testing and support during software development has helped organizations keep up with markets expectations of rapid product rollouts and continuous service. DevOps transformations are enthusiastically adopted by organizations considering the business benefits, but for it to be successful it is important to integrate security as well in every stage of the software development.
DevSecOps is the part of DevOps that emphasises on embedding security early on in the development thus minimizing risk. The DevSecOps Foundation (DSOF)℠ course and the subsequent certification by the DevOps Institute provides candidates the training to understand and apply data and security sciences and the practical steps on integrating security programs into DevOps practices.
KnowledgeHut’s workshop helps you learn the purpose, benefits, concepts, and vocabulary of DevSecOps, how DevSecOps roles fit with a DevOps culture and organization and how to use data and security science as the primary means of protecting the organization and customer. You will get thorough training for appearing for the exams in the form of case studies, real life scenarios and courseware. Enroll now and gain the DevSecOps Foundation (DSOF)℠ certification to usher in DevSecOps into the DevOps culture and organization.
What you will learn
What is DevSecOps: The purpose, benefits, concepts, and vocabulary of DevSecOps
Benefits: How DevOps security practices differ from other security approaches
DevOps for business: Business-driven security strategies
Hands on: Understanding and applying data and security sciences
DevSecOps groups: The use and benefits of Red and Blue Teams
Workflow security: Integrating security into Continuous Delivery workflows
Integration: How DevSecOps roles fit with a DevOps culture and organization
Prerequisites
Although there are no formal prerequisites for the exam, DevOps Institute highly recommends the following to prepare candidates for the exam leading to the DevSecOps Foundation (DSOF)℠ certification:
- It is recommended that candidates complete at least 16 contact hours (instruction and labs) as part of a formal, approved training course delivered by an accredited Education Partner of DevOps Institute
Who Should Attend
- Those interested in DevSecOps strategies and automation
- Anyone involved in Continuous Delivery toolchain architectures
- Compliance Team
- Delivery Staff
- DevOps Engineers
- IT Managers
- IT Security Professionals, Practitioners, and Managers
- Maintenance and support staff
- Managed Service Providers
- Project & Product Managers
- Quality Assurance Teams
- Release Managers
- Scrum Masters
- Site Reliability Engineers
- Software Engineers
- Testers
Knowledgehut Experience
INSTRUCTOR-LED LIVE CLASSROOM
Interact with instructors in real-time— listen, learn, question and apply. Our instructors are industry experts and deliver hands-on learning.
CURRICULUM DESIGNED BY EXPERTS
Our courseware is always current and updated with the latest tech advancements. Stay globally relevant and empower yourself with the latest tools and training.
LEARN THROUGH DOING
Learn theory backed by practical case studies, exercises and coding practice. Get skills and knowledge that can be effectively applied in the real world.
MENTORED BY INDUSTRY LEADERS
Learn from the best in the field. Our mentors are all experienced professionals in the fields they teach.
ADVANCE FROM THE BASICS
Learn concepts from scratch, and advance your learning through step-by-step guidance on tools and techniques.
CODE REVIEWS BY PROFESSIONALS
Get reviews and feedback on your final projects from professional developers.
Curriculum
Course Introduction
- Course Goals
- Course Agenda
- Exercise: Diagramming Your CI/CD Pipeline
Why DevSecOps?
- Key Terms and Concepts
- Why DevSecOps is important
- 3 Ways to Think About DevOps+Security
- Key Principles of DevSecOps
Culture and Management
- Key Terms and Concepts
- Incentive Model
- Resilience
- Organizational Culture
- Generativity
- Erickson, Westrum, and LaLoux
- Exercise: Influencing Culture
Strategic Considerations
- Key Terms and Concepts
- How Much Security is Enough?
- Threat Modeling
- Context is Everything
- Risk Management in a High-velocity World
- Exercise: Measuring For Success
General Security Considerations
- Avoiding the Checkbox Trap
- Basic Security Hygiene
- Architectural Considerations
- Federated Identity
- Log Management
IAM: Identity & Access Management
- Key Terms and Concepts
- IAM Basic Concepts
- Why IAM is Important
- Implementation Guidance
- Automation Opportunities
- How to Hurt Yourself with IAM
- Exercise: Overcoming IAM Challenges
Application Security
- Application Security Testing (AST)
- Testing Techniques
- Prioritizing Testing Techniques
- Issue Management Integration
- Threat Modeling
- Leveraging Automation
Operational Security
- Key Terms and Concepts
- Basic Security Hygiene Practices
- Role of Operations Management
- The Ops Environment
- Exercise: Adding Security to Your CI/CD Pipeline
Governance, Risk, Compliance (GRC) and Audit
- Key Terms and Concepts
- What is GRC?
- Why Care About GRC?
- Rethinking Policies
- Policy as Code
- Shifting Audit Left
- 3 Myths of Segregation of Duties vs. DevOps
- Exercise: Making Policies, Audit and Compliance Work with DevOps
Logging, Monitoring, and Response
- Key Terms and Concepts
- Setting Up Log Management
- Incident Response and Forensics
- Threat Intelligence and Information Sharing
Course Review
- Where We Started
- What We Covered
- Key Reminders of What’s Important
- Exercise: Creating a Personal Action Plan
Exam Preparations
- Exam Requirements, Question Weighting, and Terminology List
- Sample Exam Review
Faq
The Course
This course and certification is beneficial to:
- Those interested in DevSecOps strategies and automation
- Anyone involved in Continuous Delivery toolchain architectures
- Compliance Team
- Delivery Staff
- DevOps Engineers
- IT Managers
- IT Security Professionals, Practitioners, and Managers
- Maintenance and support staff
- Managed Service Providers
- Project & Product Managers
- Quality Assurance Teams
- Release Managers
- Scrum Masters
- Site Reliability Engineers
- Software Engineers
- Testers
By the end of the course you will learn the purpose, benefits, concepts and vocabulary of DevSecOps including DevOps security strategies and aligning them to business benefits.
Participants need to be DevOps Foundation certified to take this course.
Yes, KnowledgeHut offers this training online.
Your instructors are DevOps certified experts who have years of industry experience.
Finance Related
Any registration cancelled within 48 hours of the initial registration will be refunded in FULL (please note that all cancellations will incur a 5% deduction in the refunded amount due to transactional costs applicable while refunding) Refunds will be processed within 30 days of receipt of written request for refund. Kindly go through our Refund Policy for more details: https://www.knowledgehut.com/refund-policy
KnowledgeHut offers a 100% money back guarantee if the candidate withdraws from the course right after the first session. To learn more about the 100% refund policy, visit our Refund Policy.
The Remote Experience
In an online classroom, students can log in at the scheduled time to a live learning environment which is led by an instructor. You can interact, communicate, view and discuss presentations, and engage with learning resources while working in groups, all in an online setting. Our instructors use an extensive set of collaboration tools and techniques which improves your online training experience.
Internet Connectivity (2Mbps Link) and Laptop/PC (Windows/Mac) with 4GB RAM.
reviews on our popular courses
This 2-day training session helped me widen my knowledge of Scrum methodologies and Agile principles. Everything was well-organized, though it was an online session. My trainer explained the concepts with real-life examples and ensured every participant was on the same page. I highly recommend this course to everyone who wants to become a Certified Scrum Master. Kudos to the team efforts behind this!
You can go from nothing to simply get a grip on the everything as you proceed to begin executing immediately. I know this from direct experience!
Amanda H
Senior Back-End Developer The learn by doing and work-like approach throughout the bootcamp resonated well. It was indeed a work-like experience.
Dave Nigels
Full Stack Engineer I know from first-hand experience that you can go from zero and just get a grasp on everything as you go and start building right away.
Madeline R
Developer Everything was well organized. I would definitely refer their courses to my peers as well. The customer support was very interactive. As a small suggestion to the trainer, it will be better if we have discussions in the end like Q&A sessions.
Steffen Grigoletto
Senior Database Administrator The trainer was really helpful and completed the syllabus on time and also provided live examples which helped me to remember the concepts. Now, I am in the process of completing the certification. Overall good experience.
Vito Dapice
Data Quality Manager I feel Knowledgehut is one of the best training providers. Our trainer was a very knowledgeable person who cleared all our doubts with the best examples. He was kind and cooperative. The courseware was excellent and covered all concepts. Initially, I just had a basic knowledge of the subject but now I know each and every aspect clearly and got a good job offer as well. Thanks to Knowledgehut.
Archibold Corduas
Senior Web Administrator This is a great course to invest in. The trainers are experienced, conduct the sessions with enthusiasm and ensure that participants are well prepared for the industry. I would like to thank my trainer for his guidance.