DevSecOps Foundation® (DSOF)

Duration : 2 Days (16 Hours)

DevSecOps Foundation® (DSOF) Course Overview:

The DevSecOps Foundation® (DSOF) certification validates expertise in merging security practices with DevOps, making security an integral part of the software development process. It’s widely adopted by industries to ensure the seamless integration of security, leading to faster and safer development cycles. DSOF emphasizes early integration of security controls, compliance, and risk mitigation in the system life cycle. This approach fosters a collaborative culture among development, security, and operations teams, proactively preventing security flaws and reducing the risk of breaches in software development.

Intended Audience:

  • IT professionals looking to integrate security into operations.
  • Developers seeking insights into security risks in DevOps.
  • System Administrators prioritizing secure rapid deployment.
  • Security professionals wanting a comprehensive view of DevOps.
  • Project Managers involved in DevOps projects.
  • Anyone interested in modern IT security and governance.

Learning Objectives of DevSecOps Foundation® (DSOF):

The DevSecOps Foundation® (DSOF) course focuses on these primary learning objectives:

  • Establishing a solid understanding of DevSecOps concepts, principles, and practices.
  • Integrating security seamlessly into the DevOps process to foster a secure culture.
  • Implementing security and compliance automation within DevOps.
  • Mastering DevSecOps software engineering practices.
  • Gaining proficiency in modern DevSecOps tools and operational models, including CI/CD, cloud security, and container orchestration.
  • Empowering learners to design, construct, verify, and deliver secure software applications.

 Module 1: Why DevSecOps?

  • Key Terms and Concepts
  • Why DevSecOps is important
  • 3 Ways to Think About DevOps+Security
  • Key Principles of DevSecOps

 Module 2: Culture and Management

  • Key Terms and Concepts
  • Incentive Model
  • Resilience
  • Organizational Culture
  • Generativity
  • Erickson, Westrum, and LaLoux
  • Exercise: Influencing Culture

 Module 3: Strategic Considerations

  • Key Terms and Concepts
  • How Much Security is Enough?
  • Threat Modeling
  • Context is Everything
  • Risk Management in a High-velocity World
  • Exercise: Measuring For Success

 Module 4: General Security Considerations

  • Avoiding the Checkbox Trap
  • Basic Security Hygiene
  • Architectural Considerations
  • Federated Identity
  • Log Management

 Module 5: IAM: Identity & Access Management

  • Key Terms and Concepts
  • IAM Basic Concepts
  • Why IAM is Important
  • Implementation Guidance
  • Automation Opportunities
  • How to Hurt Yourself with IAM
  • Exercise: Overcoming IAM Challenges

 Module 6: Application Security

  • Application Security Testing (AST)
  • Testing Techniques
  • Prioritizing Testing Techniques
  • Issue Management Integration
  • Threat Modeling
  • Leveraging Automation

 Module 7: Operational Security

  • Key Terms and Concepts
  • Basic Security Hygiene Practices
  • Role of Operations Management
  • The Ops Environment
  • Exercise: Adding Security to Your CI/CD Pipeline

 Module 8: Governance, Risk, Compliance (GRC) and Audit

  • Key Terms and Concepts
  • What is GRC?
  • Why Care About GRC?
  • Rethinking Policies
  • Policy as Code
  • Shifting Audit Left
  • 3 Myths of Segregation of Duties vs. DevOps
  • Exercise: Making Policies, Audit and Compliance Work with DevOps

 Module 9: Logging, Monitoring, and Response

  • Key Terms and Concepts
  • Setting Up Log Management
  • Incident Response and Forensics
  • Threat Intelligence and Information Sharing

DevSecOps Foundation® (DSOF) Course Prerequisites:

• Basic knowledge and understanding of IT operations
• Familiarity with principles of software development
• Basic understanding of cyber security protocols
• Acquaintance with concepts of Continuous Integration (CI) and Continuous Deployment (CD)
• Previous exposure to Agile and Scrum methodologies.

Discover the perfect fit for your learning journey

Choose Learning Modality

Live Online

  • Convenience
  • Cost-effective
  • Self-paced learning
  • Scalability

Classroom

  • Interaction and collaboration
  • Networking opportunities
  • Real-time feedback
  • Personal attention

Onsite

  • Familiar environment
  • Confidentiality
  • Team building
  • Immediate application

Training Exclusives

This course comes with following benefits:

  • Practice Labs.
  • Get Trained by Certified Trainers.
  • Access to the recordings of your class sessions for 90 days.
  • Digital courseware
  • Experience 24*7 learner support.

Got more questions? We’re all ears and ready to assist!

Request More Details

Please enable JavaScript in your browser to complete this form.

Subscribe to our Newsletter

Please enable JavaScript in your browser to complete this form.
×