DevSecOps Training Course
DevOps is the collaboration of IT operations and software development in the service lifecycle. DevSecOps is the implementation of security practices within the DevOps process. DevSecOps is a practice used for securing and evolving consistently-changing systems at scale.
This instructor-led, live training (online or onsite) is aimed at DevOps who wish to secure the DevOps process with DevSecOps programs.
By the end of this training, participants will be able to:
- Understand how a DevSecOps program can integrate security into a software development pipeline.
- Build a secure continuous delivery pipeline.
- Automate security testing for a software delivery workflow.
Format of the Course
- Interactive lecture and discussion.
- Lots of exercises and practice.
- Hands-on implementation in a live-lab environment.
Course Customization Options
- To request a customized training for this course, please contact us to arrange.
Course Outline
Day One:
Introduction
DevSecOps at a Glance
- CI (Continuous Integration) and CD (Continuous Delivery)
- Shifting security to the left, the DevOps way
DevSecOps Method Theories
- Security for DevOps technologies
- When and how security interacts with the application and the development lifecycle
- Shared ownership of security responsibilities and activities
Day Two:
DevSecOps with Jenkins
- Creating an agent
- Creating a pipeline job
- Using SYNK and SonarQube for SAST security scanning
- Using Arachini and OWASP-ZAP for DAST security scanning
- Using Anchore and Aqua MicroScanner for image security scanning
- Developing a DevSecOps pipeline
- Enabling CI and CD
Security Automation
- Automating security testing with Gaunit
- Running an automated attack
Application Security Automation
- Automating and refactoring XSS attack
- Automating SQLi attack
- Automating a fuzzer
- Testing security in software delivery pipelines
Summary and Conclusion
Requirements
- An understanding of the DevOps process
Audience
- DevOps
Need help picking the right course?
DevSecOps Training Course - Booking
DevSecOps Training Course - Enquiry
DevSecOps - Consultancy Enquiry
Testimonials (2)
working with DevOps Toolchain
Kesh - Vodacom
Course - DevOps Foundation®
new information
Michael Durisin - Deutsche Telekom IT & Telecommunications Slovakia s.r.o
Course - Site Reliability Engineering (SRE) Foundation®
Upcoming Courses
Related Courses
AI Automation with n8n and LangChain
14 HoursThis instructor-led, live training in the UAE (online or onsite) is aimed at developers and IT professionals of all skill levels who wish to automate tasks and processes using AI without writing extensive code.
By the end of this training, participants will be able to:
- Design and implement complex workflows using n8n's visual programming interface.
- Integrate AI capabilities into workflows using LangChain.
- Build custom chatbots and virtual assistants for various use cases.
- Perform advanced data analysis and processing with AI agents.
n8n for Beginners
7 HoursThis instructor-led, live training in the UAE (online or onsite) is aimed at beginner-level business professionals and IT enthusiasts who wish to learn the basics of n8n for automating tasks and processes.
By the end of this training, participants will be able to:
- Understand the fundamentals of n8n and its node-based interface.
- Set up and configure n8n.
- Create simple workflows to automate tasks.
- Connect different services and applications using n8n.
Building AI Workflows in n8n
14 HoursThis instructor-led, live training in the UAE (online or onsite) is aimed at intermediate-level to advanced-level developers and AI hobbyists who wish to create advanced AI workflows in n8n.
By the end of this training, participants will be able to:
- Understand the integration of AI services with n8n workflows.
- Implement AI-driven decision-making in automated processes.
- Create custom AI nodes and use pre-built AI nodes in n8n.
- analyze and optimize the performance of AI workflows.
DevOps Foundation®
14 HoursThe DevOps Foundation course provides a baseline understanding of key DevOps terminology to ensure everyone is talking the same language and highlights the benefits of DevOps to support organizational success.
DevSecOps Foundation (DSOF)®
14 HoursCourse topics covered include how DevSecOps provides business value, enhancing your business opportunities, and improving corporate value. The core DevSecOps principles taught can support an organizational transformation, increase productivity, reduce risk, and optimize resource usage.
DevOps Leader (DOL)®
14 HoursThe course highlights the human dynamics of cultural change and equips participants with practices, methods, and tools to engage people across the DevOps spectrum through the use of real-life scenarios and case studies. Upon completion of the course, participants will have tangible takeaways to leverage when back in the office such as understanding Value Stream Mapping.
DevSecOps Practitioner (DSOP)®
21 HoursDevSecOps Practitioner introduces a range of practices for advancing to more comprehensive understanding of DevSecOps practices. Explore practical outcomes through finding the right mix of people, building processes to accelerate value, and comparing technological options available today. Tailored for recently transformed organizations who are looking to enhance DevSecOps skills and awareness.
Continuous Delivery Ecosystem Foundation (CDEF)®
14 HoursThis course is designed for participants who are engaged in the design, implementation, and management of DevOps deployment pipelines and toolchains that support Continuous Integration, Continuous Delivery, Continuous Testing and potentially Continuous Deployment. The course highlights underpinning processes, metrics, APls and cultural considerations with Continuous Delivery
Continuous Testing Foundation (CTF)®
14 HoursLearn how to optimize testing, to test faster and still obtain good quality and a consistent stable result.
Value Stream Management Foundation®
14 HoursAn introduction to value stream management principles, practices, and tools. Designed to optimize value flow and realization in digital value streams and develop individuals’ skills. Digital value streams include the software applications and services in addition to the platforms that support them e.g., cloud infrastructure or DevOps toolchains
DevOps Engineering Foundation (DOEF)®
14 HoursLearn what DevOps Engineering is, why DevOps engineering is important, and how DevOps is engineered for success.
The course opens with a short review of DevOps foundational principles and then transitions into implementing DevOps. It is designed from an engineering point of view and covers topics such as DevOps in relation to other frameworks, technologies,
application design practices, continuous integration practices, continuous delivery and deployment, continuous testing, elastic infrastructures, monitoring, metrics, observability, governance, human aspects, and future trends of DevOps engineering.
Site Reliability Engineering (SRE) Foundation®
14 HoursThe SRE (Site Reliability Engineering) Foundation course is an introduction to the principles & practices that enable an organization to reliably and economically scale critical services. Introducing a site-reliability dimension requires organizational re-alignment, a new focus on engineering & automation, and the adoption of a range of new working paradigms.
SonarQube for DevOps
14 HoursThis instructor-led, live training in the UAE (online or onsite) is aimed at DevOps engineers and developers who wish to use SonarQube to run code reviews that are fully-integrated into development tool chains, such as Jenkins, GitHub, Azure DevOps, etc.
By the end of this training, participants will be able to:
- Set up the necessary development environment to start running automatic code reviews.
- Integrate SonarQube with continuous integration tools, such as Jenkins, Azure DevOps, etc.
- Run continuous code inspections to eliminate bugs and security vulnerabilities.
- Collect and analyze data to drive improvements for code cleanup, maintenance, and security.
Getting Started with Argo Project and Core Components
7 HoursThis instructor-led, live training in the UAE (online or onsite) is aimed at developers and DevOps engineers who wish to familiarize themselves with Argo Project tools and maximize its functions for developing cloud-native applications.
By the end of this training, participants will be able to:
- Install and configure Argo CD along with Workflows, Rollouts, and Events.
- Understand how each core component and main functionality of the Argo Project works.
- Execute basic CI/CD implementations in Kubernetes using Argo Project tools and features.
- Automate the deployment of an application and efficiently manage its state throughout the process.
Argo CD
7 HoursThis instructor-led, live training in the UAE (online or onsite) is aimed at system administrators and developers who wish to use Argo CD to automate the deployment and lifecycle management of applications.
By the end of this training, participants will be able to automate, monitor, audit, and roll back their Kubernetes systems using Argo CD.