+91 9325761018 letsconnect@skillsmetrix.com Login for Student Login for Admin

Fundamentals of DevSecOps

Fundamentals of DevSecOps

Enroll Now
data-analyst-science near Pune
Recorded content
Of Total 10 Hrs.
data-analyst-science near Pune
Duration
3 Months (50 hours)
data-analyst-science near Pune
LIVE sessions
4 Workshops
data-analyst-science near Pune
Hands-On Learning
With Practice Modules
data-analyst-science near Pune
Certificate
With License

Overview

DevSecOps (Development, Security, and Operations) is an approach to culture, automation, and platform design that integrates security as a shared responsibility throughout the entire Software Development Life Cycle (SDLC). This DevSecOps Fundamentals training course teaches attendees how to prioritize security and compliance in their workflows.

Objective

  • Have a thorough understanding of DevSecOps
  • Implement a process where products and services have safety and security incorporated into the architecture
  • Architect DevSecOps strategies and automation
Join Next Batch Starting on September 10th

Outline

  • • DevOps beginnings
  • • DevSecOps values and manifestos
  • • CALMS and SaC (security as code)
  • • DevSecOps and the Three Ways
  • • DevSecOps outcomes
  • • Cyber Thread Industrial Landscape
  • • Threat definition
  • o Source of threats
  • o Outcomes and results
  • o Threat (type) models
  • STRIDE
  • • MITRE ATT and CK
  • o Who/what do we protect from?
  • o Published common flaws
  • o OWASP top ten
  • o EU agency cybersecurity rankings
  • o Threat actors and agents
  • • What do we protect?
  • o protection metrics
  • o continuous compliance

  • • Responsiveness
  • o How, what, to/from whom?
  • • KPI(s): Key Performance Indicators
  • o Redesigning change management
  • • DevSecOps maturity and implementation model
  • • Resilience through responsiveness
  • o Building a (compliant) model
  • o Outcomes

  • • DevSecOps "state of mind" and practices
  • • The Trust Algorithm
  • • Definition of a safety culture
  • • Westrum and Laloux typologies
  • • DevSecOps stakeholders
  • o Types
  • o Collaboration
  • • Governance

  • • Current assessment
  • o Continuous security map/definition
  • o Security in the DevOps flow
  • o Practices and (shift security left) outcomes
  • • Security and the CI/CD pipeline
  • • Cloud and container security
  • • The target state
  • o Artifact, risk, identity, access, and secrets management
  • • Perils of a DevOps pipeline
  • • Building a secure DevOps pipeline
  • o SAST / DAST / IAST / RASP tools
  • o Continuous compliance
  • o SIEM (security information and event management)

  • • The Third Way (continuous experimentation and learning)
  • • Security training (as policy)
  • • DevSecOps Dojos
  • • Security Chaos Engineering and gamification
  • • Learning through experiences, innovation, retrospectives
  • • Continuous learning forever

Training Materials

All DevSecOps training attendees receive comprehensive courseware.

Software Requirements

Attendees will not need to install any software on their computer for this class. The class will be conducted in a remote environment that Skillmetrix will provide; students will only need a local computer with a web browser and a stable Internet connection. Any recent version of Microsoft Edge, Mozilla Firefox, or Google Chrome will work well.

Why Online Bootcamps

Develop skills for real career growth

Cutting-edge curriculum designed in guidance with industry and academia to develop job-ready skills

Learn by working on real-world problems

Capstone projects involving real world data sets with virtual labs for hands-on learning

Learn from experts active in their field, not out-of-touch trainers

Leading practitioners who bring current best practices and case studies to sessions that fit into your work schedule.

Structured guidance ensuring learning never stops

24x7 Learning support from mentors and a community of like-minded peers to resolve any conceptual doubts