DevOps Institute

DevSecOps Foundation Training

DSOF

DevSecOps Foundation (DSOF)

As companies deploy code faster and more often than ever, new vulnerabilities are also accelerating. When the boss says, “Do more with less”, DevOps practices adds business and security value as an integral, strategic component. Delivering development, security, and operations at the speed of business should be an essential component for any modern enterprise.

Training at a glance

Level

Beginner

Duration

2 Days

Experience

1 year: DevOps

Average Salary

$181,505

Labs

No

Level

Beginner

Duration

2 Days

Experience

1 year: DevOps

Average Salary

$181,505

Labs

No

Training Details

This course explains how DevOps security practices differ from other approaches then delivers the education needed to apply changes to your organization. Participants learn the purpose, benefits, concepts, vocabulary and applications of DevSecOps. Most importantly, students learn how DevSecOps roles fit with a DevOps culture and organization. At the course’s end, participants will understand “security as code” to make security and compliance value consumable as a service.
No course would be complete without practical application and this course teaches the steps to integrate security programs from the developers and operators through the business C-level. Every stakeholder plays a part and the learning material highlights how professionals can use these tools as the primary means of protecting the organization and customer through multiple case studies, video presentations, discussion options, and exercise material to maximize learning value. These real-life scenarios create tangible takeaways participants can leverage upon their return to the home office.

The learning objectives for DevSecOps Foundation include an understanding of:

  • The purpose, benefits, concepts, and vocabulary of DevSecOps
  • How DevOps security practices differ from other security approaches
  • Business-driven security strategies and Best Practices
  • Understanding and applying data and security sciences
  • Integrating corporate stakeholders into DevSecOps Practices
  • Enhancing communication between Dev, Sec, and Ops teams
  • How DevSecOps roles fit with a DevOps culture and organization

Lesson 1:  Realizing DevSecOps Outcomes

  • Origins of DevOps​
  • Evolution of DevSecOps​
  • CALMS​
  • The Three Ways


Lesson 2:  Defining the Cyberthreat Landscape​

  • What is the Cyber Threat Landscape?​
  • What is the threat?​
  • What do we protect from?​
  • What do we protect, and why?​
  • How do I talk to security?​


Lesson 3:  Building a Responsive DevSecOps Model

  • Demonstrate Model
  • Technical, business and human outcomes​
  • What’s being measured? ​
  • Gating and thresholding​


Lesson 4:  Integrating DevSecOps Stakeholders

  • The DevSecOps State of Mind​
  • The DevSecOps Stakeholders​
  • What’s at stake for who?​
  • Participating in the DevSecOps model​


Lesson 5:  Establishing DevSecOps Best Practices

  • Start where you are​
  • Integrating people, process and technology and governance​
  • DevSecOps operating model​
  • Communication practices and boundaries​
  • Focusing on outcomes


Lesson 6:  Best Practices to get Started

  • The Three Ways​
  • Identifying target state​s
  • Value stream-centric thinking​


Lesson 7:  DevOps Pipelines and Continuous Compliance

  • The goal of a DevOps pipeline​
  • Why continuous compliance is important​
  • Archetypes and reference architectures​
  • Coordinating DevOps Pipeline construction​
  • DevSecOps tool categories, types and examples​


Lesson 8:  Learning Using Outcomes

  • Security Training Options​
  • Training as Policy​
  • Experiential Learning​
  • Cross-Skilling​
  • The DevSecOps Collective Body of Knowledge​
  • Preparing for the DevSecOps Foundation certification exam

The target audience for the DevSecOps Foundation course are professionals including: 

  • Anyone involved or interested in learning about DevSecOps strategies and automation
  • Anyone involved in Continuous Delivery toolchain architectures 
  • Compliance Team
  • Business managers
  • Delivery Staff
  • DevOps Engineers
  • IT Managers
  • IT Security Professionals, Practitioners, and Managers 
  • Maintenance and support staff 
  • Managed Service Providers 
  • Project & Product Managers 
  • Quality Assurance Teams
  • Release Managers
  • Scrum Masters
  • Site Reliability Engineers 
  • Software Engineers
  • Testers 

Participants should have baseline knowledge and understanding of common DevOps definitions and principles.

 

Upcoming Classes

We Offer More Than Just DevOps Institute Training

Our successful training results keep our corporate and military clients returning. That’s because we provide everything you need to succeed. This is true for all of our courses.

Strategic Planning & Project Management

From Lean Six Sigma to Project Management Institute Project Management Professional, Agile and SCRUM, we offer the best-in-class strategic planning and project management training available. Work closely with our seasoned multi-decade project managers.

IT & Cybersecurity

ATA is the leading OffSec and Hack the Box US training provider, and a CompTIA and EC-Council award-winning training partner. We offer the best offensive and defensive cyber training to keep your team ahead of the technology skills curve.

Leadership & Management

Let us teach your team the high-level traits and micro-level tools & strategies of effective 21st-century leadership. Empower your team to play to each others’ strengths, inspire others and build a culture that values communication, authenticity, and community.

From Lean Six Sigma to Project Management Institute Project Management Professional, Agile and SCRUM, we offer the best-in-class strategic planning and project management training available. Work closely with our seasoned multi-decade project managers.
ATA is the leading OffSec and Hack the Box US training provider, and a CompTIA and EC-Council award-winning training partner. We offer the best offensive and defensive cyber training to keep your team ahead of the technology skills curve.
Let us teach your team the high-level traits and micro-level tools & strategies of effective 21st-century leadership. Empower your team to play to each others’ strengths, inspire others and build a culture that values communication, authenticity, and community.