DevSecOps Training Course

Course Code

devsec

Duration

14 hours (usually 2 days including breaks)

Requirements

  • An understanding of the DevOps process

Audience

  • DevOps

Overview

DevOps is the collaboration of IT operations and software development in the service lifecycle. DevSecOps is the implementation of security practices within the DevOps process. DevSecOps is a practice used for securing and evolving consistently-changing systems at scale.

This instructor-led, live training (onsite or remote) is aimed at DevOps who wish to secure the DevOps process with DevSecOps programs.

By the end of this training, participants will be able to:

  • Understand how a DevSecOps program can integrate security into a software development pipeline.
  • Build a secure continuous delivery pipeline.
  • Automate security testing for a software delivery workflow.

Format of the Course

  • Interactive lecture and discussion.
  • Lots of exercises and practice.
  • Hands-on implementation in a live-lab environment.

Course Customization Options

  • To request a customized training for this course, please contact us to arrange.

Course Outline

Day One:

Introduction

DevSecOps at a Glance

  • CI (Continuous Integration) and CD (Continuous Delivery)
  • Shifting security to the left, the DevOps way

DevSecOps Method Theories

  • Security for DevOps technologies
  • When and how security interacts with the application and the development lifecycle
  • Shared ownership of security responsibilities and activities

Day Two:

DevSecOps with Jenkins

  • Creating an agent
  • Creating a pipeline job
  • Using SYNK and SonarQube for SAST security scanning
  • Using Arachini and OWASP-ZAP for DAST security scanning
  • Using Anchore and Aqua MicroScanner for image security scanning
  • Developing a DevSecOps pipeline
  • Enabling CI and CD

Security Automation

  • Automating security testing with Gaunit
  • Running an automated attack

Application Security Automation

  • Automating and refactoring XSS attack
  • Automating SQLi attack
  • Automating a fuzzer
  • Testing security in software delivery pipelines

Summary and Conclusion

Testimonials

★★★★★
★★★★★

Related Categories

Related Courses

Course Discounts

Course Discounts Newsletter

We respect the privacy of your email address. We will not pass on or sell your address to others.
You can always change your preferences or unsubscribe completely.

Some of our clients

is growing fast!

We are looking to expand our presence in the US!

As a Business Development Manager you will:

  • expand business in the US
  • recruit local talent (sales, agents, trainers, consultants)
  • recruit local trainers and consultants

We offer:

  • Artificial Intelligence and Big Data systems to support your local operation
  • high-tech automation
  • continuously upgraded course catalogue and content
  • good fun in international team

If you are interested in running a high-tech, high-quality training and consulting business.

Apply now!

This site in other countries/regions