SecDevOps Foundation (SDOF) Certification Training

Nivå: Intermediate

SecDevOps is an initiative to put cybersecurity first within the security, development, and operations teams, requiring change management involved in the System Engineering Life Cycle (SELC). This DOI-certified course addresses benefits, concepts, and vocabulary of SecDevOps and DevSecOps; how they evolved from Agile practises; and highlights differences between DevOps practises and other types of security approaches.

IN THE NEWS: Learning Tree Launches Exclusive, Fully Accredited SecDevOps Certification with DevOps Institute

Nyckelfunktioner:

  • Prepare for the DevOps Institute SecDevOps Foundation Certification with the world's first accredited SecDevOps certification course
  • After-course instructor coaching benefit
  • Certification from DevOps Institute

Du kommer lära dig att:

  • Explain the purpose, benefits, concepts and vocabulary of SecDevOps.
  • Differentiate DevOps security practises from other security approaches.
  • Trace the history and evolution of SecDevOps.
  • Focus on Business-driven security strategies.
  • Apply data and security science techniques.
  • Benefit from Security Testing with Red and Blue Teams.
  • Integrate security into Continuous Integration and Delivery workflows.
  • Integrate SecDevOps roles with a DevOps culture and organisation.

Välj den utbildningsform som passar dig bäst

LIVE, LÄRARLEDD

I klass & Live, Online-utbildning

  • 3-day instructor-led training course
  • After-course instructor coaching benefit
  • DevOps Institute certification exam included

UTBILDNING PÅ DIN ARBETSPLATS

Teamträning

  • Använd denna eller någon annan utbildning i ditt företag
  • Fullskalig programutveckling
  • Levereras när, var och hur du vill
  • Blandade utbildningsmodeller
  • Skräddarsytt innehåll
  • Coaching av ett expertteam

Anpassa kurs och innehåll efter teamets behov

Kontakta oss

Utveckla dig och ditt team med anpassade eller öppna kurser alternativt e-learning

Learning Tree erbjuder kundanpassad utbildning hos er, öppna kurser i Stockholm, London eller Washington, möjlighet att delta via våra Anywhere centers (Malmö, Göteborg, Linköping, Stockholm eller Borlänge) eller olika former av e-learning med lärarstöd. Läs mer på www.learningtree.se/priser .

I klass & Live, Online-utbildning

Note: This course runs for 3 dagar

  • 20 - 22 dec 9:00 - 16:30 CET Stockholm / Online (AnyWare) Stockholm / Online (AnyWare) Boka Din Kursplats

  • 16 - 18 mar 9:00 - 16:30 CET Stockholm / Online (AnyWare) Stockholm / Online (AnyWare) Boka Din Kursplats

  • 6 - 8 dec 9:00 - 16:30 GMT Online (AnyWare) Online (AnyWare) Boka Din Kursplats

  • 7 - 9 mar 9:00 - 16:30 GMT Online (AnyWare) Online (AnyWare) Boka Din Kursplats

  • 30 maj - 1 jun 9:00 - 16:30 BST Online (AnyWare) Online (AnyWare) Boka Din Kursplats

  • 22 - 24 aug 9:00 - 16:30 BST Online (AnyWare) Online (AnyWare) Boka Din Kursplats

  • 13 - 15 okt 15:00 - 22:30 CCST Ottawa / Online (AnyWare) Ottawa / Online (AnyWare) Boka Din Kursplats

  • 17 - 19 nov 15:00 - 22:30 CCET Herndon, VA / Online (AnyWare) Herndon, VA / Online (AnyWare) Boka Din Kursplats

  • 15 - 17 dec 15:00 - 22:30 CCET New York / Online (AnyWare) New York / Online (AnyWare) Boka Din Kursplats

  • 12 - 14 jan 15:00 - 22:30 CCET Ottawa / Online (AnyWare) Ottawa / Online (AnyWare) Boka Din Kursplats

  • 16 - 18 feb 15:00 - 22:30 CCET Herndon, VA / Online (AnyWare) Herndon, VA / Online (AnyWare) Boka Din Kursplats

  • 16 - 18 mar 14:00 - 21:30 CCET New York / Online (AnyWare) New York / Online (AnyWare) Boka Din Kursplats

  • 12 - 14 apr 15:00 - 22:30 CCST Ottawa / Online (AnyWare) Ottawa / Online (AnyWare) Boka Din Kursplats

  • 18 - 20 maj 15:00 - 22:30 CCST Herndon, VA / Online (AnyWare) Herndon, VA / Online (AnyWare) Boka Din Kursplats

  • 15 - 17 jun 15:00 - 22:30 CCST New York / Online (AnyWare) New York / Online (AnyWare) Boka Din Kursplats

Kurs med startgaranti

När du ser symbolen för “Guaranteed to Run” vid ett kurstillfälle vet du att kursen blir av. Garanterat.

Important SecDevOps Foundation Training Information

  • Who Should Attend this Course

    Software Developers/Tester, Release Manager, Automation Architects, XA Professional, Security Engineer, System Administrators.

  • Certification Information

    • The exam is taken in-class and is included in the course tuition fee.
    • The exam is open book and is 60 minutes in duration.
    • It is highly recommended that candidates attend the SecDevOps Foundation course with a DevOps Institute accredited Education Partner to prepare for the certification exam.
    • Exam administered through DOI leading to Certification.

SecDevOps Foundation Training Outline

  • Agile/DevOps Foundation Review

    • What is Agile/DevOps?
    • DevOps Goals
    • DevOps Values
    • DevOps Stakeholders
  • Why SecDevOps?

    • Key Terms and Concepts.
    • Why SecDevOps is important.
    • 3 Ways to Think About DevOps + Security.
    • Key Principles of SecDevOps
    • SecDevOps security-first philosophy.
    • SecDevOps evolution from DevSecOps.
  • Culture and Management

    • Key Terms and Concepts
    • Incentive Model
    • Resilience
    • Organisational Culture
    • Generativity
    • Erickson, Westrum, and LaLoux
  • Strategic Considerations

    • Key Terms and Concepts.
    • How Much Security is Enough?
    • Threat Modelling.
    • Context is Everything.
    • Risk Management in a High-velocity World.
    • Team Security Profiling
  • General Security Considerations

    • Avoiding the Checkbox Trap
    • Basic Security Hygiene
    • Architectural Considerations
    • Federated Identity
    • Log Management
  • Feature and Security Workflow

    • Configuration Management
    • Centralised Workflow
    • Workflow Branch Classifications
    • Pre and post commit
    • Deployment and Release Orchestration
  • Acquisition Lifecycle Security

    • Needs Phase requirements vs. security.
    • Acquisition Review Board (ARB)
    • Analyze/Select Phase measurement metrics.
    • Obtain Phase Life Cycle
    • Planning and Scheduling
    • Dispose Phase Concerns
  • Identity and Access Management (IAM)

    • Key Terms and Concepts
    • IAM Basic Concepts
    • Why IAM is Important
    • Implementation Guidance
    • Automation Opportunities
    • How to Hurt Yourself with IAM
  • Application Security

    • Application Security Testing (AST)
    • Testing Techniques
    • Prioritising Testing Techniques
    • Issue Management Integration
    • Threat Monitoring
    • Leveraging Automation
    • Secure Coding and OWASP compliance
  • Operational Security

    • Key Terms and Concepts
    • Basic Security Hygiene Practises
    • Role of Operations Management
    • The Ops Environment
    • Embracing Fail-Early, Fail-First
    • Security infrastructure as code
  • Cross-Team Security

    • Key Terms and Concepts
    • Establishing Trust
    • Promoting Shared Responsibility
    • Team Verification Techniques
    • Embedded Point-of-Contact
    • Security, Development and Operations Sprints
  • Roles and Responsibilities

    • SecDevOps Coach
    • Product Owner Expanded Responsibilities
    • Program and Project Manager
    • Information System Security Officer (ISSO)
    • SecDevOps Engineer
    • Site Reliability Engineer
  • Governance, Risk, Compliance (GRC) Audit

    • Key Terms and Concepts
    • What is GRC?
    • Why Care About GRC?
    • Rethinking Policies
    • Policy as Code
    • Shifting Audit Left
    • 3 Myths of Segregation of Duties vs. DevOps
  • Logging, Monitoring and Response

    • Key Terms and Concepts
    • Setting Up Log Management
    • Incident Response and Forensics
    • Threat Intelligence and Information Sharing
  • Continual Improvement

    • Retrospectives
    • Continuous Learning
    • Open Collaboration (including security)
    • Shared intelligence
  • Review and Summary

    • Exam Review
    • Key course concepts
    • Next steps

Teamträning

SecDevOps Foundation Training FAQs

  • How is this course different from DevSecOps?

    SecDevOps is an initiative to put cybersecurity first, along with extensions that aim to ensure optimum security throughout all phases of the software life cycle, within the cybersecurity, development, and operations teams.

Stockholm / Online (AnyWare)
Stockholm / Online (AnyWare)
Online (AnyWare)
Online (AnyWare)
Online (AnyWare)
Online (AnyWare)
Ottawa / Online (AnyWare)
Herndon, VA / Online (AnyWare)
New York / Online (AnyWare)
Ottawa / Online (AnyWare)
Herndon, VA / Online (AnyWare)
New York / Online (AnyWare)
Ottawa / Online (AnyWare)
Herndon, VA / Online (AnyWare)
New York / Online (AnyWare)
Why do we require your location?

It allows us to direct your request to the appropriate Customer Care team.

Hur föredrar du att bli kontaktad:

Please Choose a Language

Canada - English

Canada - Français