GBP

EN_GB

Shaping the future of IT skills

Maximising IT performance through learning

NotSoSecure DevSecOps - DEVSECOPS

WGAC-CSI-DEVSECOPS

Schedule

See all events for this course

Currently there are no public dates for this course. We can offer you a private group training, or you can pre-register upfront for a future public class. Please contact us.

Description

Show Tabs

Introduction

Two days hands-on training to automate security into a fast-paced DevOps environment using various open-source tools and scripts.

Modern enterprises are implementing the technical and cultural changes required to embrace DevOps methodology by introducing practices such Continuous Integration (CI), Continuous Delivery (CD), Continuous Monitoring (CM) and Infrastructure as Code(IaC) .DevSecOps extends DevOps by introducing security in each of these practices giving a certain level of security assurance in the final product.

In this training, we will demonstrate using our state-of-the-art DevSecOps Lab as to how to inject security in CI, CD, CM and IaC.

Prerequisites & Audience

Anybody with a background in IT or related to software development whether a developer or a manager can attend this course to get an insight about DevOps and DevSecOps.

Course Benefits

Understand how to tackle security issues in a fast-moving DevOps environment
Identify tools/solutions and develop processes to create a secure by default infrastructure
Utilize the integration scripts and tools provided in the DevSecOps Lab to create your own DevSecOps pipeline

Course Topics

Course Objective

Create a security culture/mindset amongst the already integrated “DevOps” team.
Find and fix security bugs as early in SDLC as possible
Build a secure by default infrastructure
Build a system with continuous security monitoring

Course Details

Introduction to DevOps

Introduction and Lab Setup
Challenges with Traditional IT
What is DevOps?

Introduction to DevSecOps

Challenges for Security in DevOps
DevSecOps – Why, What and How?
Vulnerability Management

Continuous Integration

Pre-Commit Hooks
Secrets Management

Continuous Delivery

Software Composition Analysis (SCA)
Static Analysis Security Testing (SAST)
Dynamic Analysis Security Testing (DAST)

Infrastructure As Code

Vulnerability Assessment (VA)
Container Security (CS)
Compliance as Code (CaC)

Continuous Monitoring

Alerting and Monitoring
Introduction to F-ELK

DevSecOps in AWS

DevOps on Cloud Native AWS
AWS Threat Landscape
DevSecOps in Cloud Native AWS

DevSecOps Challenges and Enablers

Challenges with DevSecOps
Building DevSecOps Culture
Security Champions

NotSoSecure courses

Filter courses

NotSoSecure Advanced Infrastructure Hacking - AIH

CODE: WGAC-CSI-AIH

NotSoSecure The Art of Hacking - AoH

CODE: WGAC-CSI-AOH

NotSoSecure Advanced Web Hacking - AWH

CODE: WGAC-CSI-AWH

NotSoSecure Hacking and Securing Cloud Infrastructure

CODE: WGAC-CSI-HSCI

NotSoSecure AppSec for Developers - APPSEC

CODE: WGAC-CSI-APPSEC

NotSoSecure DevSecOps - DEVSECOPS

CODE: WGAC-CSI-DEVSECOPS

NotSoSecure Hacking 101

CODE: WGAC-CSI-HACKING101

We use cookies to understand how you use our site and to improve your experience. To learn more, click here. Read our revised Privacy Policy and Terms and Conditions.