CommunityConsultancyContact | NederlandsEnglish

Applied DevSecOps training

So you want to automate security testing in your environment? Then this training is right for you!
Upcoming dates
There are no upcoming courses planned.
However, in-company is always available.
More information about this course?
Get in touch
Got any questions?
Call Wesley, chat or get called back for more information about a training or a tailored training solution.
Course details
icon
Duration
2 days
icon
Lunch
Included
icon
Certification
No
icon
Level
Foundation
icon
CPE
24

During this 2 day intense training you start of with a punch in threat-modeling to get a feeling of the importance of the vulnerabilities you find. After that, we will deep dive into the space of application security automation: starting with simple dependency checking, basics of SAST and then deep dive in other various scanners, after which we will do hands-on vulnerability management with Git and tools like DefectDojo. The next day, we take the plunge into infrastructure security automation with a focus on platform security (Docker, host security) and take a look at Identity & Access management, secrets management and security monitoring (through ELK). 

Is the Applied DevSecOps training right for me? 

  • Yes - if you work as an Operations specialist, as a member of an SRE team or as a member of a platform team
  • Yes - if you work as a security professional
  • Yes - if you want to find out how the security in modern environments can scale up faster
  • Yes - if you want to be able to detect and prevent common security pitfalls

 What will I achieve by completing this training? 

 You will learn: 

  • The basics of DevSecOps and Threatmodeling
  • How to look at the overall security of a system (e.g. the application and the underlying infrastructure)
  • The basics of various available security tooling: SAST, DAST, iAST, RASP, WAF, dependency checkers, vulnerability managers, vulnerability scanners, compliancy automators
  • The various techniques available to validate the security posture of your system
  • The principles of immutable infrastructure in a security context
  • The various challenges on scaling your security automation
  • The basics of IaM and secrets management

 You will gain experience in: 

  • Taking care of your third party vulnerabilities 
  • Analyzing the code of your application 
  • Working with DAST tools 
  • Secrets management 
  • Selecting and testing the right tools for security in your pipeline 

What else should I know? 

  • Please bring a laptop with 8GB RAM or more, 24GB free hard-space drive and administrative access with the possibility to run VMs using VirtualBox and Docker containers
contact-us

Get in touch

Our team is at your service

Get in touch! →

Or call +31 (0)20 760 9844