Fundamentals of DevSecOps

17 Ratings

Course Number: DVOP-162
Duration: 2 days (13 hours)
Format: Live, hands-on

Introduction to DevSecOps Overview

DevSecOps (Development, Security, and Operations) is an approach to culture, automation, and platform design that integrates security as a shared responsibility throughout the entire Software Development Life Cycle (SDLC). This DevSecOps Fundamentals training course teaches attendees how to prioritize security and compliance in their workflows.

Location and Pricing

Accelebrate offers instructor-led enterprise training for groups of 3 or more online or at your site. Most Accelebrate classes can be flexibly scheduled for your group, including delivery in half-day segments across a week or set of weeks. To receive a customized proposal and price quote for private corporate training on-site or online, please contact us.

In addition, some courses are available as live, instructor-led training from one of our partners.

Objectives

  • Have a thorough understanding of DevSecOps
  • Implement a process where products and services have safety and security incorporated into the architecture
  • Architect DevSecOps strategies and automation

Prerequisites

All participants must have attended DevOps Fundamentals or have comparable experience implementing basic DevOps principles.

Outline

Expand All | Collapse All

Introduction
DevSecOps Origin and Evolution
  • DevOps beginnings
  • DevSecOps values and manifestos
  • CALMS and SaC (security as code)
  • DevSecOps and the Three Ways
  • DevSecOps outcomes
The Security- and Cyber-Threat Landscape
  • Cyber Thread Industrial Landscape
    • Threat definition
    • Source of threats
    • Outcomes and results
  • Threat (type) models
    • STRIDE
  • MITRE ATT and CK
  • Who/what do we protect from?
    • Published common flaws
    • OWASP top ten
    • EU agency cybersecurity rankings
    • Threat actors and agents
  • What do we protect?
    • protection metrics
    • continuous compliance
Building a DevSecOps Model
  • Responsiveness
    • How, what, to/from whom?
  • KPI(s): Key Performance Indicators
    • Redesigning change management
  • DevSecOps maturity and implementation model
  • Resilience through responsiveness
    • Building a (compliant) model
    • Outcomes
DevSecOps Safety Culture
  • DevSecOps "state of mind" and practices
  • The Trust Algorithm
  • Definition of a safety culture
  • Westrum and Laloux typologies
  • DevSecOps stakeholders
    • Types
    • Collaboration
  • Governance
DevSecOps Best Practices
  • Current assessment
    • Continuous security map/definition
    • Security in the DevOps flow
    • Practices and (shift security left) outcomes
  • Security and the CI/CD pipeline
  • Cloud and container security
  • The target state
    • Artifact, risk, identity, access, and secrets management
  • Perils of a DevOps pipeline
  • Building a secure DevOps pipeline
    • SAST / DAST / IAST / RASP tools
    • Continuous compliance
    • SIEM (security information and event management)
Learning DevSecOps
  • The Third Way (continuous experimentation and learning)
  • Security training (as policy)
  • DevSecOps Dojos
  • Security Chaos Engineering and gamification
  • Learning through experiences, innovation, retrospectives
  • Continuous learning forever
Conclusion

Training Materials

All DevSecOps training attendees receive comprehensive courseware.

Software Requirements

Attendees will not need to install any software on their computers for this class. The class will be conducted in a remote environment that Accelebrate will provide; students will only need a local computer with a web browser and a stable Internet connection. Any recent version of Microsoft Edge, Mozilla Firefox, or Google Chrome will work well.



Learn faster

Our live, instructor-led lectures are far more effective than pre-recorded classes

Satisfaction guarantee

If your team is not 100% satisfied with your training, we do what's necessary to make it right

Learn online from anywhere

Whether you are at home or in the office, we make learning interactive and engaging

Multiple Payment Options

We accept check, ACH/EFT, major credit cards, and most purchase orders



Recent Training Locations

Alabama

Birmingham

Huntsville

Montgomery

Alaska

Anchorage

Arizona

Phoenix

Tucson

Arkansas

Fayetteville

Little Rock

California

Los Angeles

Oakland

Orange County

Sacramento

San Diego

San Francisco

San Jose

Colorado

Boulder

Colorado Springs

Denver

Connecticut

Hartford

DC

Washington

Florida

Fort Lauderdale

Jacksonville

Miami

Orlando

Tampa

Georgia

Atlanta

Augusta

Savannah

Hawaii

Honolulu

Idaho

Boise

Illinois

Chicago

Indiana

Indianapolis

Iowa

Cedar Rapids

Des Moines

Kansas

Wichita

Kentucky

Lexington

Louisville

Louisiana

New Orleans

Maine

Portland

Maryland

Annapolis

Baltimore

Frederick

Hagerstown

Massachusetts

Boston

Cambridge

Springfield

Michigan

Ann Arbor

Detroit

Grand Rapids

Minnesota

Minneapolis

Saint Paul

Mississippi

Jackson

Missouri

Kansas City

St. Louis

Nebraska

Lincoln

Omaha

Nevada

Las Vegas

Reno

New Jersey

Princeton

New Mexico

Albuquerque

New York

Albany

Buffalo

New York City

White Plains

North Carolina

Charlotte

Durham

Raleigh

Ohio

Akron

Canton

Cincinnati

Cleveland

Columbus

Dayton

Oklahoma

Oklahoma City

Tulsa

Oregon

Portland

Pennsylvania

Philadelphia

Pittsburgh

Rhode Island

Providence

South Carolina

Charleston

Columbia

Greenville

Tennessee

Knoxville

Memphis

Nashville

Texas

Austin

Dallas

El Paso

Houston

San Antonio

Utah

Salt Lake City

Virginia

Alexandria

Arlington

Norfolk

Richmond

Washington

Seattle

Tacoma

West Virginia

Charleston

Wisconsin

Madison

Milwaukee

Alberta

Calgary

Edmonton

British Columbia

Vancouver

Manitoba

Winnipeg

Nova Scotia

Halifax

Ontario

Ottawa

Toronto

Quebec

Montreal

Puerto Rico

San Juan