Select Page
68 / 100

DevSecOps Engineer

The course is designed to teach practical steps on how to integrate security programs into DevOps practices and highlights how professionals can use data and security science as the primary means of protecting the organization and customer.

DevSecOps aims to maximize the predictability, efficiency, security, and maintainability of operational processes. To implement DevOps successfully in an organization, it’s necessary to address the people, Process & Technology .Embedding security into the DevOps processes is referred to as DevSecOps.

DevOps addresses the business need of rapidly delivering products and release code in order to satisfy customer demands, it is important that security must work in tandem with Agile and DevOps processes. Just as DevOps addresses the traditional silos between Development and Operation. DevSecOps seeks to address the silos between Dev, Ops and Security teams. Automated application security further facilitates reducing friction and removing bottlenecks in the CI/CD cycle .

As companies are pushing code faster and more often than ever, the rate of vulnerabilities in our systems is accelerating. As we are being asked to do more with less, DevOps has shown immense value to business and security as an integral component that needs to be integrated into the strategy.

Topics covered in the course include how DevSecOps provides the business value of DevOps and the ability DevOps has to enable the business and support an organizational transformation with the ultimate goal of increasing productivity, reducing risk, and optimizing cost in the organization

DevSecOps Engineer 1

REAL LIFE CASE STUDIES

INSTRUCTOR-LED SESSIONS

INDUSTRY DRIVEN CERTIFICATION

DAILY ASSIGNMENTS

STUDENT LEARNING KIT

 

syllabus

syllabus

DevSecOps Engineer 2
module 1 : introduction to devsecops engineer
  • The Core Comparison between  DevSecOps and DevOps, looks at the definition of the security framework and explains the ‘why’ and ‘how’.
  • By the end of the module, students will be acquainted with the DevSecOps security mindset, along with its principles and concepts.
DevSecOps Engineer 3
module 2 : DevSecops essentials
  • OWASP Top 10 & OWASP ASVS
  • Agile Methodology
  • DevOps Culture & Principles
  • Overview of DevOps Tools
  • DevOps CI/CD Pipelining
  • DevOps Deployment Pipeline
  • Deployment Kata
  • Security & Compliance Challenges in DevOps
  • Speed – The Velocity of Delivery
  • Downside’s of Microservices
  • Segregation of Duties in DevOps
  • Change Control Management
DevSecOps Engineer 4
module 3 : Secure dev-ops
  • Case Study on DevOps
  • OWASP Controls
  • Security as-a Self-Service
  • Using Infrastructure as Code
  • The ‘HoneyMoon’ Effect
DevSecOps Engineer 5
module 4 : Devsecops Continuous delivery
  • CD Security Workflow
  • Secure Design in DevOps
  • Threat Modelling in DevOps
  • Securing the Software Supply Chain
  • OWASP Dependency Check
  • Bundler Audit for Ruby
  • Safe NuGet for NuGet Libraries
  • Nexus Lifecycle
  • Secure Coding in CD
  • Static Analysis in CD
  • Automated Dynamic Analysis in CD
  • Vulnerability Management in DevOps
DevSecOps Engineer 6
module 5 : Operational security

this module, we will discuss some further practices used to increase security within the operations environment and how to scale DevSecOps practices across an enterprise. We will talk about basic security consideration, vulnerability and patch management, and the importance of pre-secured environments to the shift-left mindset.

DevSecOps Engineer 7
module 6 : GRC & AUDIT IN DEVOPS
  • This module explains the importance of governance, risk management and compliance, as well as their related security principles and concepts.
  • We’ll discuss what GRC means in a DevOps context and the reason why we should implement the shift left mindset to audit and compliance.
  • Students will also gain an insight into policy as a code, and together we’ll debunk some myths about separation of duties.
DevSecOps Engineer 8
module 7 : DevSecops production security
  • We will explore the benefits of SIEM with log management and possible approaches to incident response.
  • Cloud Security Solutions, Container Security, Docker Security and OpenShift Security Will be discussed in depth
who should attend this training?
  • IT managers, directors, and corporate stakeholders seeking a greater understanding of the DevSecOps methodology

why should i take this training?
  • Security is one of the biggest topics in the DevOps community right now. Getting practical knowledge in DevSecOps can really make a candidate stand out.

  • The course offers interactive practicals, instructor-led Sessions with experienced subject matter experts

what is the total duration of this training?

Its an Instructor-led online training and the total duration of the training is 30 hours.

For more details about

DevSecops engineer kindly fill

this form

 

 

13 + 2 =

Our clients

Testimonials

I honestly recommend Certcube Labs because i enjoyed their online self-paced and flexible cyber security training schedule. This allowed me to study at the comfort of my home, considering that i am working. I also appreciate the fact that they cater for the beginners like myself who had to be taught the very basics before moving into the real stuff. This is really commendable.

Tumelo

Governance and Risk assurance officer, Lucara Botsawana

A good place to learn every small detail in cybersecurity.Really nice and helpful teacher.
subhum

Btech, BITS Mesra

together Let’s Create the future

5 + 3 =