Live Chat
Monday - Friday 8am - 6pm EST Chat Now
Contact Us
Monday - Friday 8am - 8pm EST 1-800-268-7737 Other Contact Options
Checkout

Cart () Loading...

    • Quantity:
    • Delivery:
    • Dates:
    • Location:

    $

DevOps Institute: DevSecOps Engineering (DSOE)

New - Learn the purpose, benefits, concepts, and vocabulary of DevSecOps including DevOps security strategies and business benefits.

As companies are pushing code faster and more often than ever, the rate of vulnerabilities in our systems is accelerating. As we are being asked to do more with less, DevOps has shown immense value to business and security as an integral component that needs to be integrated into the strategy.

Topics covered in the course include how DevSecOps provides the business value of DevOps and the ability DevOps has to enable the business and support an organizational transformation with the ultimate goal of increasing productivity, reducing risk, and optimizing cost in the organization.

This course explains how DevOps security practices differ from other security approaches and provides the education needed to understand and apply data and security sciences. Participants learn the purpose, benefits, concepts, and vocabulary of DevSecOps; particularly how DevSecOps roles fit with a DevOps culture and organization. At the end of this course, participants will understand using “security as code” with the intent of making security and compliance consumable as a service.

The course is designed to teach practical steps on how to integrate security programs into DevOps practices and highlights how professionals can use data and security science as the primary means of protecting the organization and customer.

Using real-life scenarios and case studies, participants will have tangible takeaways to leverage when back at the office.

This course positions you to successfully complete the DevSecOps Engineering exam, which is offered on the last day of class for classroom students. Virtual students will receive a voucher for a webcam proctored exam which they can schedule at their convenience.

GK# 100655
Vendor Credits:
  • Global Knowledge Delivered Course
  • Training Exclusives
  • GSA Eligible
No matching courses available.
Start learning as soon as today! Click Add To Cart to continue shopping or Buy Now to check out immediately.
Scheduling a custom training event for your team is fast and easy! Click here to get started.
$
Your Selections:
Location:
No available dates

Who Should Attend?

  • Anyone involved or interested in learning about DevSecOps strategies and automation
  • Anyone involved in Continuous Delivery toolchain architectures
  • Compliance Team
  • Delivery Staff
  • DevOps Engineers
  • IT Managers
  • IT Security Professionals, Practitioners and Managers
  • Maintenance and support staff
  • Managed Service Providers
  • Project & Product Managers
  • Quality Assurance Teams
  • Release Managers
  • Scrum Masters
  • Site Reliability Engineers
  • Software Engineers
  • Testers

What You'll Learn

Learners will gain a practical understanding of:

  • Purpose, benefits, concepts and vocabulary of DevSecOps
  • How DevOps security practices differ from other security approaches
  • Business driven security strategies
  • Understanding and applying data and security sciences
  • The use and benefits of Red and Blue Teams
  • Integrating security into DevOps programs
  • Integrating security into Continuous Delivery workflows
  • How DevSecOps roles fit with a DevOps culture and organization

Course Outline

Course Agenda

  • Course Introduction
    • Course Goals
    • Course Agenda
  • DevOps Foundation Review
    • What is DevOps?
    • DevOps Goals
    • DevOps Values
    • DevOps Stakeholders
    • Exercise: Diagramming Your CI/CD Pipeline
  • Why DevSecOps?
    • Key Terms and Concepts
    • Why DevSecOps is important
    • 3 Ways to Think About DevOps+Security
    • Key Principles of DevSecOps
  • Instilling a DevSecOps Culture
    • Key Terms and Concepts
    • Incentive Model
    • Resilience
    • Organizational Culture
    • Generativity
    • Erickson, Westrum, and LaLoux
    • Exercise: Influencing Culture
  • Strategic Considerations
    • Key Terms and Concepts
    • How Much Security is Enough?
    • Threat Modeling
    • Context is Everything
    • Risk Management in a High-velocity World
    • Exercise: Measuring For Success
  • General Security Considerations
    • Avoiding the Checkbox Trap
    • Basic Security Hygiene
    • Architectural Considerations
    • Federated Identity
    • Log Management
  • IAM: Identity & Access Management
    • Key Terms and Concepts
    • IAM Basic Concepts
    • Why IAM is Important
    • Implementation Guidance
    • Automation Opportunities
    • How to Hurt Yourself with IAM
    • Exercise: Overcoming IAM Challenges
  • Application Security
    • Application Security Testing (AST)
    • Testing Techniques
    • Prioritizing Testing Techniques
    • Issue Management Integration
    • Threat Modeling
    • Leveraging Automation
  • Operational Security
    • Key Terms and Concepts
    • Basic Security Hygiene Practices
    • Role of Operations Management
    • The Ops Environment
    • Exercise: Adding Security to Your CI/CD Pipeline
  • Governance, Risk, Compliance (GRC) and Audit
    • Key Terms and Concepts
    • What is GRC?
    • Why Care About GRC?
    • Rethinking Policies
    • Policy as Code
    • Shifting Audit Left
    • 3 Myths of Segregation of Duties vs. DevOps
    • Exercise: Making Policies, Audit and Compliance Work with DevOps
  • Logging, Monitoring and Response
    • Key Terms and Concepts
    • Setting Up Log Management
    • Incident Response and Forensics
    • Threat Intelligence and Information Sharing
  • Course Review
    • Where We Started
    • What We Covered
    • Key Reminders of What’s Important
    • Exercise: Creating a Personal Action Plan
  • Exam Preparation
    • Exam Requirements, Question Weighting and Terminology List
    • Sample Exam Review
BUY NOW

Prerequisites

The DevOps Institute – DevOps Foundation course is a prerequisite for this course to ensure course participants are aligned with the baseline DevOps definitions and principles.

Related Certifications

Successfully passing (65%) the 90 minute examination, consisting of 40 multiple-choice questions, leads to the candidate’s designation as a certified DevSecOps Engineer (DSOE). The certification is governed and maintained by the DevOps Institute.

DevSecOps Engineer

PDUs

This course qualifies you for the following PMI® Professional Development Units (PDUs):


Classroom Live and Virtual Classroom Live

  • Leadership = #3
  • Strategic and Business Management = #10
  • Technical Project Management = # 3

Total = #16

 

Self-Paced

  • Leadership = #3
  • Strategic and Business Management = #10
  • Technical Project Management = #3


Total = #16

BUY NOW

Follow-On Courses

Pending on an individuals role within the organization, several other courses may add value to the organization