Comprehensive DevOps Security Training Overview

Slide Note
Embed
Share

This Certified DevOps Security Practitioner course provides a deep dive into implementing DevSecOps, integrating security into the DevOps processes. Covering topics like security testing, Docker security, automation, and more, the training aims to equip participants with the necessary skills to embed security in agile development practices effectively. Attendees will learn about various open-source tools, security automation possibilities, and how to integrate security within the CI/CD cycle. Ideal for developers, compliance teams, risk management professionals, and security enthusiasts.

jahv_808
jahv_808 Follow

Uploaded on Oct 11, 2024 | 0 Views

Download Presentation

Please find below an Image/Link to download the presentation.

The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author. Download presentation by click this link. If you encounter any issues during the download, it is possible that the publisher has removed the file from their server.

E N D

Presentation Transcript

  1. Certified DevOps Security Practitioner Certified DevOps Security Practitioner A 12 Hours DevOps Security Training In Association with ISACA Sri Lanka Dates : September 27-29, 2021 Time : 6 00 Am 10 00 Am GMT Mode : Online Course Fees: Non-ISACA Members: USD $ 200 ISACA Members: USD $ 140

  2. Objectives of the Course In this course, we will be learning how DevSecOps is implemented in a company by using various programming languages and open source tools. It will be helpful to jumpstart in understanding and exposure to various security automation possibilities which can be integrated in DevOps related to application or infrastructure security. This training focuses on Embedding security into the DevOps processes is referred to as DevSecOps. While DevOps addresses the business need of rapidly delivering products and release code in order to satisfy customer demands, it is important that security must work in tandem with Agile and DevOps processes. In traditional development methods, security is kept at the very end of the release process. Who should attend Hence, security has been viewed as a bottleneck to the rapid development methodologies such as Agile along with the software delivery pipeline. Entrepreneurs, Business Owners Cloud Solutions Providers, Senior Managers Security Automation Team This results in a major contention and distrust between development and security teams unless they work in tandem. DevSecOps & Devops Team Aws & Azure Professionals Just as DevOps addresses the traditional silos between Development and Operations, DevSecOps seeks to address the silos between Dev, Ops and Security teams. Automated application security further facilitates reducing friction and removing bottlenecks in the CI/CD cycle. Developers Compliance team Risk Management Professionals Security Enthusiasts

  3. COURSE CONTENT Security Testing Git Attack & Best Pratice Jenkins Attack & Best Practice Case Study Shift Secure Left OWASP Proactive Controls Using Infrastructure as Code The HoneyMoon Effect SDOMM or DSOMM(Maturity Model) Day 1: Intro DevOps Culture DevOps Principles Overview of DevOps Tools DevOps CI/CD Pipelining Security & Compliance Challenges in DevOps Regulation Security Compliance Cloud Service threats Rapid releases New Technology (Microservices) Security challenges in CI/CD Case Study Injecting Security into CI/CD Hands-on Open Source Tools (npm,owasp dependency checker,retire.js) any one Static Analaysis Hands-on Open Source Tools (gitrob/trufflehog,open source static code scanner) any one Dynamic Analysis Hands-on Open Source Tools (zap Day 2: Microservice Security What is Docker? Overview of Docker Components Security Concerns with Containers Attacking Docker Containers Misconfiguration(Hands-on) Auditing Docker Containers(Hands-on) Kubernetes Attacking and Defending Remember .. you are the Centre of Security

  4. COURSE CONTENT Day 3: Security Automation CaseStudy Security Policy Framework(BDD,Robot) Introduction to ansible(Iaac) Ansible overview Hands-on Security Automation Security Automation Compliance Hands-on Inspec Intro to Cloud DevSecOps (AWS, Azure) Serverless Security Examination The participants would need to undergo an online examination after the training. On successfully clearing the examination, the participant would be awarded with the DevOPs Security certificate. Remember .. you are the Centre of Security

  5. Lead Trainer Lionel Faleiro, Practice Lead - Forensics Network Intelligence KK provides the vision and direction for the company and has steered it from a one-man consulting firm started in 2001 to a global cybersecurity firm with an expansive portfolio of services. A technologist at heart, he enjoys dealing with complex security problems and developing solutions to client challenges. He is a qualified PCI QSA, CISA and CISSP. Lionel is passionate about training and working in DFIR. He comes with an experience of almost 10 years in IT and Cybersecurity. He began as a SysAdmin then a Security Trainer and now leads the Forensic Practice at the firm. He has solved numerous cases during his tenure at Network Intelligence and is an avid gamer as well. Registration Link: https://forms.office.com/r/yVBB4L2UpV

Related


Evolution of DevOps in Technology Through Images

Evolution of DevOps in Technology Through Images

sanilsc
Comprehensive Overview of DevOps, Waterfall, and Agile Development Methods

Comprehensive Overview of DevOps, Waterfall, and Agile Development Methods

fier308
Driving Innovation in Communication Technology Through DevOps Automation for SAP

Driving Innovation in Communication Technology Through DevOps Automation for SAP

abraxas
Evolving Security Practices in DevOps: A Holistic Approach

Evolving Security Practices in DevOps: A Holistic Approach

madisyn
Azure DevOps: Unleashing Efficiency for Every Team

Azure DevOps: Unleashing Efficiency for Every Team

evelio
Understanding the Role of Security Champions in Organizations

Understanding the Role of Security Champions in Organizations

irvin
TSA Updates on Security Training Rule for OTRB Companies

TSA Updates on Security Training Rule for OTRB Companies

aziza
Understanding the Roles of a Security Partner

Understanding the Roles of a Security Partner

zaara
Comprehensive Course Review: Security Research Cornerstones at Carnegie Mellon University

Comprehensive Course Review: Security Research Cornerstones at Carnegie Mellon University

kol_lov
UIC Security Division Overview and International Activities

UIC Security Division Overview and International Activities

hadri
Automating Security Operations Using Phantom

Automating Security Operations Using Phantom

gwe_sad
Certification and Training in Information Security

Certification and Training in Information Security

buck
Comprehensive Guide to Designing Physical Security and Security Planning by Susan Lincke

Comprehensive Guide to Designing Physical Security and Security Planning by Susan Lincke

jes_mcg
Introduction to Ansible Network Automation and DevOps

Introduction to Ansible Network Automation and DevOps

iprot
Evolution of DevOps in Testing Journey at American Family Insurance

Evolution of DevOps in Testing Journey at American Family Insurance

gregorio_a
Insights into DevOps and Agile 2.0 Practices in Software Development

Insights into DevOps and Agile 2.0 Practices in Software Development

bernardini_m
Current Reality Trees in DevOps Problem-solving

Current Reality Trees in DevOps Problem-solving

marlowebl
Understanding Security in World Politics

Understanding Security in World Politics

eisenberg_k
Understanding HTTP Security Headers for Web Apps

Understanding HTTP Security Headers for Web Apps

pembroke_l
Modular Security Analysis for Key Exchange and Authentication Protocols

Modular Security Analysis for Key Exchange and Authentication Protocols

area290
CAMPUS SECURITY AUTHORITY (CSA) TRAINING CAMPUS SECURITY AUTHORITY (CSA) TRAINING

CAMPUS SECURITY AUTHORITY (CSA) TRAINING CAMPUS SECURITY AUTHORITY (CSA) TRAINING

croix
AEP Enterprise Security Program Overview - June 2021 Update

AEP Enterprise Security Program Overview - June 2021 Update

aubriella
Overview of Social Security and Health Care System in Turkey

Overview of Social Security and Health Care System in Turkey

violeta
BCA 601(N): Computer Network Security

BCA 601(N): Computer Network Security

danna

More Related Content

Enhancing Security Definitions for Functional Encryption
Enhancing Security Definitions for Functional Encryption
International Approaches to Enhance Nuclear Safety and Security
International Approaches to Enhance Nuclear Safety and Security
Understanding Security Onion: Network Security Monitoring Tools
Understanding Security Onion: Network Security Monitoring Tools
Understanding Transport Layer Security (TLS)
Understanding Transport Layer Security (TLS)
Understanding Cyber Security and Risks
Understanding Cyber Security and Risks
Understanding Provable Security Models in Cryptography
Understanding Provable Security Models in Cryptography
Understanding Computer Security Principles and Practices
Understanding Computer Security Principles and Practices
Legal Framework on Information Security in the Ministry of Trade, Tourism, and Telecommunication
Legal Framework on Information Security in the Ministry of Trade, Tourism, and Telecommunication
Enhancing SWIFT Security Measures for ReBIT: March 2018 Update
Enhancing SWIFT Security Measures for ReBIT: March 2018 Update
Understanding Security Threats and Countermeasures
Understanding Security Threats and Countermeasures
Managing Application Security in Large Organizations: Insights and Best Practices
Managing Application Security in Large Organizations: Insights and Best Practices
IPv6 Security and Threats Workshop Summary
IPv6 Security and Threats Workshop Summary
Exploring Web Hosting Security: Principles, Layers, and Monitoring
Exploring Web Hosting Security: Principles, Layers, and Monitoring
Challenges and Solutions at the Safety-Security Interface
Challenges and Solutions at the Safety-Security Interface
Congratulations on Your FY23 Nonprofit Security Grant Program Award!
Congratulations on Your FY23 Nonprofit Security Grant Program Award!
Insights from Public Police Executives on Private Security Services
Insights from Public Police Executives on Private Security Services
Understanding Universally Composable Security: A Tutorial by Ran Canetti
Understanding Universally Composable Security: A Tutorial by Ran Canetti
Understanding Security Management in an ICT Environment
Understanding Security Management in an ICT Environment
Comprehensive Overview of E-Commerce Application Development and Computer Security
Comprehensive Overview of E-Commerce Application Development and Computer Security
Comprehensive Information Security Planning and Principles Overview
Comprehensive Information Security Planning and Principles Overview
Practical Computer Security Course Overview
Practical Computer Security Course Overview
Understanding Lawson Security: Basics, Hierarchy, and Administration Tools
Understanding Lawson Security: Basics, Hierarchy, and Administration Tools
Role-based Access Control Policies and Security Properties Overview
Role-based Access Control Policies and Security Properties Overview
Efficient Skills Gap Analysis with AWS Training and Certification
Efficient Skills Gap Analysis with AWS Training and Certification