Course Overview
Learn the purpose, benefits, concepts, and vocabulary of DevSecOps including DevOps security strategies and business benefits.
The course fee includes the open book, online Proctored exam. Delegates will receive a voucher for this exam which they can sit, at their convenience, post course.
Moyens d'évaluation :
- Quiz pré-formation de vérification des connaissances (si applicable)
- Évaluations formatives pendant la formation, à travers les travaux pratiques réalisés sur les labs à l’issue de chaque module, QCM, mises en situation…
- Complétion par chaque participant d’un questionnaire et/ou questionnaire de positionnement en amont et à l’issue de la formation pour validation de l’acquisition des compétences
Who should attend
The target audience for the DevSecOps Foundation course are professionals including:
- Anyone involved or interested in learning about DevSecOps strategies and automation
- Anyone involved in Continuous Delivery toolchain architectures
- Compliance Team
- Business managers
- Delivery Staff
- DevOps Engineers
- IT Managers
- IT Security Professionals, Practitioners, and Managers
- Maintenance and support staff
- Managed Service Providers
- Project & Product Managers
- Quality Assurance Teams
- Release Managers
- Scrum Masters
- Site Reliability Engineers
- Software Engineers
- Testers
Prerequisites
Participants should have baseline knowledge and understanding of common DevOps definitions and principles.
Course Content
Realizing DevSecOps Outcomes
- Origins of DevOps
- Evolution of DevSecOps
- CALMS
- The Three Ways
Defining the Cyberthreat Landscape
- What is the Cyber Threat Landscape?
- What is the threat?
- What do we protect from?
- What do we protect, and why?
- How do I talk to security?
Building a Responsive DevSecOps Model
- Demonstrate Model
- Technical, business and human outcomes
- What’s being measured?
- Gating and thresholding
Integrating DevSecOps Stakeholders
- The DevSecOps State of Mind
- The DevSecOps Stakeholders
- What’s at stake for who?
- Participating in the DevSecOps model
Establishing DevSecOps Best Practices
- Start where you are
- Integrating people, process and technology and governance
- DevSecOps operating model
- Communication practices and boundaries
- Focusing on outcomes
Best Practices to get Started
- The Three Ways
- Identifying target states
- Value stream-centric thinking
- DevOps Pipelines and Continuous Compliance
- The goal of a DevOps pipeline
- Why continuous compliance is important
- Archetypes and reference architectures
- Coordinating DevOps Pipeline construction
- DevSecOps tool categories, types and examples
Learning Using Outcomes
- Security Training Options
- Training as Policy
- Experiential Learning
- Cross-Skilling
- The DevSecOps Collective Body of Knowledge
- Preparing for the DevSecOps Foundation certification exam
Moyens Pédagogiques :