DevSecOps Foundation (DSOF)

Nivå: Intermediate

A DevSecOps Engineer is an IT Security professional who is skilled at security as code with the intent of making security and compliance consumable as a service. A DevSecOps Engineer uses data and security science as its primary means of protecting the organisation and customer.

This training addresses the purpose, benefits, concepts and vocabulary of DevSecOps, how DevOps security practises differ from other types of security approaches, and an overview of DevOps security strategies including business driven security scores.

Key Features of this DevSecOps Foundation Training:

  • Participate in unique activities designed to apply training
  • Take sample documents, templates, tools and techniques with you post-training
  • Exam is included to test for certification

Du kommer lära dig att:

  • Explain the purpose, benefits, concepts and vocabulary of DevSecOps
  • Differentiate DevOps security practises from other security approaches
  • Focus on Business-driven security strategies
  • Apply data and security sciences
  • Benefit from Security Testing with Red and Blue Teams
  • Integrate security into Continuous Delivery workflows
  • Integrate DevSecOps roles with a DevOps culture and organisation

Välj den utbildningsform som passar dig bäst

UTBILDNING PÅ DIN ARBETSPLATS

Teamträning

  • Använd denna eller någon annan utbildning i ditt företag
  • Fullskalig programutveckling
  • Levereras när, var och hur du vill
  • Blandade utbildningsmodeller
  • Skräddarsytt innehåll
  • Coaching av ett expertteam
View Details ›

Anpassa kurs och innehåll efter teamets behov

Kontakta oss

Utveckla dig och ditt team med anpassade eller öppna kurser alternativt e-learning

Learning Tree erbjuder kundanpassad utbildning hos er, öppna kurser i Stockholm, London eller Washington, möjlighet att delta via våra Anywhere centers (Malmö, Göteborg, Linköping, Stockholm eller Borlänge) eller olika former av e-learning med lärarstöd. Läs mer på www.learningtree.se/priser .

Teamträning

Important DevSecOps Foundation Training Information

  • Recommended Experience

    Familiarity with IT software development and operations responsibilities

  • Industry Credits

    16 PMI PDUs (Although DOI has not currently been issued an official code to submit for PMI PDU credit, you can submit for credit successfully by way of the “Other” category at the PMI website. Essentially, 1 PDU credit per hour of instructor-led training. So, in the case of DevOps Foundation, 16 credits would be applicable.)

  • Exam/Certification Information

    • 40 multiple choice questions, closed book
    • 90 min, additional 15 minutes is granted to non-native English speakers
    • 65% pass
    • DOI exams are administered by Kryterion Global Testing Solutions 
    • To maintain the value and integrity of the certification, all candidates are required to attend approved DOI classes through one of the DOI REPs (Registered Education Providers) to be eligible to sit the exam.

DevSecOps Foundation Training Outline

  • DevOps Foundation Review

    • What is DevOps?
    • DevOps Goals
    • DevOps Values
    • DevOps Stakeholders
  • Why DevSecOps?

    • Key Terms and Concepts
    • Why DevSecOps is important
    • 3 Ways to Think About DevOps+Security
    • Key Principles of DevSecOps
  • Culture and Management

    • Key Terms and Concepts
    • Incentive Model
    • Resilience
    • Organisational Culture
    • Generativity
    • Erickson, Westrum, and LaLoux
  • Strategic Considerations

    • Key Terms and Concepts
    • How Much Security is Enough?
    • Threat Modelling
    • Context is Everything
    • Risk Management in a High-velocity World
  • General Security Considerations

    • Avoiding the Checkbox Trap
    • Basic Security Hygiene
    • Architectural Considerations
    • Federated Identity
    • Log Management
  • Identity & Access Management (IAM)

    • Key Terms and Concepts
    • IAM Basic Concepts
    • Why IAM is Important
    • Implementation Guidance
    • Automation Opportunities
    • How to Hurt Yourself with IAM
  • Application Security

    • Application Security Testing (AST)
    • Testing Techniques
    • Prioritising Testing Techniques
    • Issue Management Integration
    • Threat Modelling
    • Leveraging Automation
  • Operational Security

    • Key Terms and Concepts
    • Basic Security Hygiene Practises
    • Role of Operations Management
    • The Ops Environment
  • Governance, Risk, Compliance (GRC) and Audit

    • Key Terms and Concepts
    • What is GRC?
    • Why Care About GRC?
    • Rethinking Policies
    • Policy as Code
    • Shifting Audit Left
    • 3 Myths of Segregation of Duties vs. DevOps
  • Logging, Monitoring and Response

    • Key Terms and Concepts
    • Setting Up Log Management
    • Incident Response and Forensics
    • Threat Intelligence and Information Sharing
  • Exam Review

DevSecOps Foundation Training FAQs

  • Can I take the exam without the course?

    DevOps Institute (DOI) believes certification reflects the quality of your training experience. To maintain the value and integrity of the certification, all candidates are required to attend approved DOI classes through a REP like Learning Tree in order to be eligible to sit the exam.

Questions about which training is right for you?

call 08-506 668 00




Stockholm / Online (AnyWare)
Hur föredrar du att bli kontaktad:

Please Choose a Language

Canada - English

Canada - Français