Course Details
Course Outline
1 - Course Introduction
Course GoalsCourse Agenda
2 - Why DevSecOps
Key Terms and ConceptsWhy DevSecOps is important3 Ways to Think About DevOps+SecurityKey Principles of DevSecOps
3 - Culture and Management
Key Terms and ConceptsIncentive Model ResilienceOrganizational CultureGenerativityErickson, Westrum, and LaLouxExercise: Influencing Culture
4 - Strategic Considerations
Key Terms and ConceptsHow Much Security is Enough?Threat ModelingContext is EverythingRisk Management in a High-velocity WorldExercise: Measuring For Success
5 - General Security Considerations
Avoiding the Checkbox TrapBasic Security HygieneArchitectural ConsiderationsFederated IdentityLog Management
6 - IAM: Identity & Access Management
Key Terms and ConceptsIAM Basic ConceptsWhy IAM is ImportantImplementation GuidanceAutomation OpportunitiesHow to Hurt Yourself with IAMExercise: Overcoming IAM Challenges
7 - Application Security
Application Security Testing (AST)Testing TechniquesPrioritizing Testing TechniquesIssue Management IntegrationThreat ModelingLeveraging Automation
8 - Operational Security
Key Terms and ConceptsBasic Security Hygiene Practices Role of Operations ManagementThe Ops EnvironmentExercise: Adding Security to Your CI/CD Pipeline
9 - Governance, Risk, Compliance (GRC) and Audit
Key Terms and ConceptsWhat is GRC?Why Care About GRC?Rethinking PoliciesPolicy as CodeShifting Audit Left3 Myths of Segregation of Duties vs. DevOpsExercise: Making Policies, Audit and Compliance
10 - Logging, Monitoring and Response
Key Terms and ConceptsSetting Up Log ManagementIncident Response and ForensicsThreat Intelligence and Information Sharing
11 - Course Review
Where We StartedWhat We CoveredKey Reminders of What’s Important Exercise: Creating a Personal Action Plan
12 - Exam Preparations
Exam Requirements, Question Weighting and
13 - Terminology List
Sample Exam Review
Actual course outline may vary depending on offering center. Contact your sales representative for more information.
Who is it For?
Target Audience
This course is intended for:
Anyone starting or leading a DevOps cultural transformation program
Anyone interested in modern IT leadership and organizational change approaches
Business Analysts
Business Stakeholders
Consultants
DevOps tool providers
IT Operations Managers
IT Leadership
Practitioners and change agents
Project Managers
Systems Integrators
Team Leaders, Managers, Directors
Tool Suppliers
Prerequisites