27 a 28 Mar 2023
This 2-day intermediate course will show you how to automate security into a fast-paced DevOps environment using various open-source tools and scripts. We have delivered this training for Virtual OWASP AppSec Days Conference to an overwhelming positive response.
The course is available directly from Claranet Cyber Security or you can book through one of our partners. The course is now available as live, online training and can be delivered for you individually or for your company. Contact us below with your requirements.
DevOps engineers, security and solutions architects, system administrators will strongly benefit from this course as it will give you a holistic approach towards application security.
If you have a background in IT or related to software development, whether a developer or a manager, you can attend this course to get an insight about DevOps and DevSecOps.
Certificação Associada: N/A
*Curso disponível em Live Training
- Online Lab Setup
- Offline Lab Instructions
Introduction to DevOps
- What is DevOps?
- Lab: DevOps Pipeline
Introduction to DevSecOps
- Challenges for Security in DevOps
- DevOps Threat Model
- DevSecOps – Why, What and How?
- Vulnerability Management
- Pre-Commit Hooks
- Introduction to Talisman
- Lab: Running Talisman
- Lab: Create your own regexes for Talisman
- Secrets Management
- Introduction to HashiCorp Vault
- Demo: Vault Commands
- Software Composition Analysis (SCA)
- Static Analysis Security Testing (SAST)
- Dynamic Analysis Security Testing (DAST)
Infrastructure As Code
- Vulnerability Assessment (VA)
- Container Security (CS)
- Compliance as Code (CaC)
- Alerting and Monitoring
- Introduction to F-ELK
DevSecOps in AWS
- DevOps on Cloud Native AWS
- AWS Threat Landscape
- DevSecOps in Cloud Native AWS
DevSecOps Challenges and Enablers
- Challenges with DevSecOps
- Building DevSecOps Culture
- Security Champions
- Case Studies
- Where do we Begin?
- DevSecOps Maturity Model
You should bring a laptop with a minimum 12 GB RAM and 40 GB of extra space and also have administrator privileges. In order to access our labs you'll need an unfiltered direct connection to the internet. Our labs will not be accessible from behind a proxy or a firewalled internet connection