Official websites use .gov
A .gov website belongs to an official government organization in the United States.
Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.
Certified DevSecOps Professional (CDP)
We all have heard about DevSecOps, Shifting
Left, Rugged DevOps but there are no clear
examples or frameworks available for security
professionals to implement in their organization. This hands-on course will teach you exactly
that, tools and techniques to embed security as
part of the DevOps pipeline. We will learn how
unicorns like Google, Facebook, Amazon, Etsy
handle security at scale and what we can learn
from them to mature our security programs.
In DevSecOps Professional training you will
learn how to handle security at scale using
DevSecOps practices. We will start off with the
basics of the DevOps, DevSecOps and move
towards advanced concepts such as Security as
Code, Compliance as Code, Configuration
management, Infrastructure as code, etc.
Course Overview
1. Course participants should have knowledge of running basic Linux commands like ls, cd, mkdir etc.
2. Course participants should have basic understanding of application Security practices like OWASP Top 10.
3. You don't need any experience with DevOps or DevOps tools.
Learning Objectives
1. Gain a solid foundation of the CI/CD pipelines,
DevOps, and Secure SDLC.
2. Understand the critical parts of DevSecOps
processes, tools, and techniques.
3. Learn to create a culture of sharing and
collaboration among various stakeholders,
and departments in an organization.
4. Create and maintain DevSecOps Pipelines
using SCA, SAST, DAST, IaC, CaC, and Security as code best practices.
5. Hardening and compliance of infrastructure according to the organization's policies.
6. Learn to consolidate and centrally manage
security results from multiple automations
and tooling from a CI/CD pipeline.
7. Plan and mature an organizations DevSecOps
program using industry best practices.
Framework Connections
The materials within this course focus on the NICE Framework Task, Knowledge, and Skill statements identified within the indicated NICE Framework component(s):
Competency Areas
Feedback
If you would like to provide feedback on this course, please e-mail the NICCS team at NICCS@mail.cisa.dhs.gov. Please keep in mind that NICCS does not own this course or accept payment for course entry. If you have questions related to the details of this course, such as cost, prerequisites, how to register, etc., please contact the course training provider directly. You can find course training provider contact information by following the link that says “Visit course page for more information...” on this page.