DevOps Institute: DevSecOps Foundation - Including Exam [DEVSOF]
Dates et lieux de début
computer En ligne: VIRTUAL TRAINING CENTER 10 avr. 2025 jusqu'au 11 avr. 2025 |
computer En ligne: VIRTUAL TRAINING CENTER 5 juin 2025 jusqu'au 6 juin 2025 |
computer En ligne: VIRTUAL TRAINING CENTER 9 sept. 2025 jusqu'au 10 sept. 2025 |
computer En ligne: VIRTUAL TRAINING CENTER 12 nov. 2025 jusqu'au 13 nov. 2025 |
Description
Vrijwel iedere training die op een onze locaties worden getoond zijn ook te volgen vanaf huis via Virtual Classroom training. Dit kunt u bij uw inschrijving erbij vermelden dat u hiervoor kiest.
OVERVIEW
Integrating security practices into DevOps, such as Security as Code, is a way for security practitioners to operate and contribute value with less friction. Security practices must adapt dynamically to ensure data security and privacy issues are not left behind in the fast-paced world of DevOps
AUDIENCE
Target audience:
- Anyone involved or interested in learning about DevSecOps strategies and automation
- Anyone involved in Continuous Delivery toolchain architectures
- Compliance Team
- Delivery Staff
- DevOps Engineers
- IT Managers
- IT Security Professionals, Practitioners, and Managers
- Maintenance and support staff
- Managed Service Providers
- Project & Product Manag…
Foire aux questions (FAQ)
Il n'y a pour le moment aucune question fréquente sur ce produit. Si vous avez besoin d'aide ou une question, contactez notre équipe support.
Vrijwel iedere training die op een onze locaties worden getoond zijn ook te volgen vanaf huis via Virtual Classroom training. Dit kunt u bij uw inschrijving erbij vermelden dat u hiervoor kiest.
OVERVIEW
Integrating security practices into DevOps, such as
Security as Code, is a way for security practitioners to operate
and contribute value with less friction. Security practices must
adapt dynamically to ensure data security and privacy issues are
not left behind in the fast-paced world of DevOps
AUDIENCE
Target audience:
- Anyone involved or interested in learning about DevSecOps strategies and automation
- Anyone involved in Continuous Delivery toolchain architectures
- Compliance Team
- Delivery Staff
- DevOps Engineers
- IT Managers
- IT Security Professionals, Practitioners, and Managers
- Maintenance and support staff
- Managed Service Providers
- Project & Product Managers
- Quality Assurance Teams
- Release Managers
- Scrum Masters
- Site Reliability Engineers
- Software Engineers
- Testers
CERTIFICATION
Exam Details
Questions: 40
Languages: English, Brazilian Portuguese, Chinese
Format: Multiple Choice
Passing Score: 65%
Delivery: Web-based
Duration: 60 minutes
Open Book: Yes
CONTENT
Cyber Threat Landscape (CTL)
Tactics, techniques and procedures (TTPs) describe how threat agents orchestrate and manage attacks. Threat Models optimize security by identifying objectives and vulnerabilities such as OWASP top ten, before defining counter-measures. Continuous Delivery practices are engaged to realize continuous governance, risk management and compliance.
Responsive DevSecOps Model
Security is made continuously adaptive and auditable by
breaking security silos, cultivating a symbiotic relationship
between security and other business units. Security specific
practices and integrated toolsets as code (such as security scans)
enable automated security KPIs and observable security
practices into the DevOps value stream.
DevSecOps Stakeholders
Gaps between traditional waterfall security cultures and
fast-paced DevOps cultures, are removed by building collaboration
and trust. Through improving credibility, reliability and empathy
while reducing self-interest. Decisions are based on advice from
everyone affected and people with expertise using systems thinking.
Shared metrics assure adaptable governance using discipline, with
automation, transparency and accountability.
Realizing DevSecOps Outcomes
Security is built into the value stream efficiently with
empowered development teams implementing features securely,
shift-left security testing, tools for automated feedback. Culture
improvements instead of policy enforcements ensure security and
software engineers are continuously cross-skilling and
collaborating.
Pipelines & Continuous Compliance
Security test and scanning tools are integrated into the CI/CD
pipeline to finding known vulnerabilities (published CVEs) and
common software weaknesses (CWEs). Repetitive security tasks are
automated such as configurations, Fuzz testing and long running
security tasks. Compliance as Code helps in automating compliance
requirements to foster collaboration, repeatability, and continuous
compliance.
DevSecOps Practices
Security is integrated into people, process, technology and
governance practices. Continuous security practices for DevSecOps
are implemented in onboarding processes for stakeholders. Security
practices and outcomes are monitored and improved using data-driven
decision making and response patterns. Lean and value stream
thinking ensure that security does not cause waste, delays or
constraints for flow.
Getting Started
Value Stream Mapping establishes where security activities and
bottlenecks currently happen. Collaborative design of a target
value state map addresses security requirements, communication and
automation improvements. Scope of the design includes practices for
Artifact Management, Risk Management, Identity Access Management,
Secrets Management, Encryption, Governance, Risk and Compliance,
Monitoring and Logging, Incident response and learning
Learning Using Outcomes
Continuous DevSecOps learning programs are implemented to meet evolving security requirements for the organization and individuals using strategies such as lunch and learns, mentoring, professional education, employee learning plans, structured training classes, Dojos, retrospective learning, gamification, and DevOps Institute SKILup Days.
Rester à jour sur les nouveaux avi
Partagez vos avis
Avez-vous participé à cours? Partagez votre expérience et aider d'autres personnes à faire le bon choix. Pour vous remercier, nous donnerons 1,00 € à la fondation Stichting Edukans.Il n'y a pour le moment aucune question fréquente sur ce produit. Si vous avez besoin d'aide ou une question, contactez notre équipe support.