• Online, Self-Paced
Course Description

We all have heard about DevSecOps, Shifting
Left, Rugged DevOps but there are no clear
examples or frameworks available for security
professionals to implement in their organization. This hands-on course will teach you exactly
that, tools and techniques to embed security as
part of the DevOps pipeline. We will learn how
unicorns like Google, Facebook, Amazon, Etsy
handle security at scale and what we can learn
from them to mature our security programs.

In DevSecOps Professional training you will
learn how to handle security at scale using
DevSecOps practices. We will start off with the
basics of the DevOps, DevSecOps and move
towards advanced concepts such as Security as
Code, Compliance as Code, Configuration
management, Infrastructure as code, etc.

Learning Objectives

1. Gain a solid foundation of the CI/CD pipelines,
DevOps, and Secure SDLC.

2. Understand the critical parts of DevSecOps
processes, tools, and techniques.

3. Learn to create a culture of sharing and
collaboration among various stakeholders,
and departments in an organization.

4. Create and maintain DevSecOps Pipelines
using SCA, SAST, DAST, IaC, CaC, and Security as code best practices.

5. Hardening and compliance of infrastructure according to the organization's policies.

6. Learn to consolidate and centrally manage
security results from multiple automations
and tooling from a CI/CD pipeline.

7. Plan and mature an organizations DevSecOps
program using industry best practices.

Framework Connections

The materials within this course focus on the NICE Framework Task, Knowledge, and Skill statements identified within the indicated NICE Framework component(s):

Competency Areas