DevSecOps Training and Course – Foundation Level

Course Feature: This comprehensive 2-day DevSecOps training is designed to provide participants with a holistic understanding of DevSecOps practices and equip them with hands-on experience using a wide range of essential tools. Through interactive sessions and practical labs, participants will learn to seamlessly integrate security into the software development lifecycle.

Training Objectives:

• Gain in-depth knowledge of DevSecOps principles, methodologies, and benefits.
• Learn to identify, assess, and mitigate security vulnerabilities in software.
• Acquire practical experience with a variety of DevSecOps tools.
• Develop skills to implement secure coding practices and security automation.
• Explore real-world case studies and scenarios for practical application.

Target Audience:

• Software developers and engineers
• DevOps practitioners
• Security professionals seeking DevSecOps expertise
• IT managers and team leads

Training Methodology:

• Interactive lectures and discussions
• Hands-on labs and practical exercises
• Group activities and collaborative learning
• Practical tool demonstrations

Training Materials:

• Comprehensive presentation slides and reference materials
• Detailed lab guides with step-by-step instructions

Evaluation: Participants will be evaluated through lab performance, group discussions, and a final assessment to ensure understanding and practical application of concepts.

Continuing Education: Participants will receive guidance on further learning resources, including recommended books, online courses, and industry forums.

Certification Program: Upon successful completion, participants will receive a certification of accomplishment, validating their proficiency in implementing DevSecOps practices and utilizing diverse tools.

Agenda Daywise:

Day 1: Introduction to DevSecOps

• Understanding DevSecOps and its relevance in modern software development
• Integrating security into the software development lifecycle
• Common security challenges and vulnerabilities

Day 1: Hands-on Labs and Tool Demos

1. Static Application Security Testing (SAST) with Checkmarx
2. Dynamic Application Security Testing (DAST) using OWASP ZAP
3. Infrastructure as Code (IaC) security with Terraform and Terrascan
4. Secure Code Review and Remediation with SonarQube

Day 2: Advanced DevSecOps Practices

• Secure coding practices and code reviews
• Continuous integration and deployment security
• Threat modeling and risk assessment

Day 2: Hands-on Labs and Tool Demos

1. Container Security with Aqua Security
2. Vulnerability Management using Nessus
3. Identity and Access Management (IAM) with Keycloak
4. Security Orchestration with Ansible

Lab Setup:

• Participant laptops with required software installations
• Virtual machines or cloud environments for lab exercises

Trainers: Our trainers are experienced professionals in DevSecOps and security, with a strong focus on practical implementation and training delivery.

FAQ:

1. Is prior security knowledge necessary? While some security awareness is beneficial, the training covers foundational concepts.
2. What is the lab setup requirement? Participants should bring their laptops for hands-on labs. Virtual environments will be provided.
3. Will I receive course materials for reference? Yes, comprehensive course materials will be provided for future reference.
4. Is certification provided upon completion? Yes, participants will receive a certification of accomplishment.
5. Can I interact with trainers for specific queries? Yes, dedicated Q&A sessions will provide opportunities to address queries.

Join us for this immersive 2-day training to enhance your skills and knowledge in DevSecOps and become adept at utilizing a variety of essential tools for securing your software development processes.