Security

Applied DevSecOps - Virtual

So you want to automate security testing in your environment? Then this training is right for you!

During this 2 day intense training you start of with a punch in threat-modeling to get a feeling of the importance of the vulnerabilities you find. After that, we will deep dive into the space of application security automation: starting with simple dependency checking, basics of SAST and then deep dive in other various scanners, after which we will do hands-on vulnerability management with Git and tools like DefectDojo. The next day, we take the plunge into infrastructure security automation with a focus on platform security (Docker, host security) and take a look at Identity & Access management, secrets management and security monitoring (through ELK). 

Is the Applied DevSecOps training right for me? 

  • Yes - if you work as an Operations specialist, as a member of an SRE team or as a member of a platform team
  • Yes - if you work as a security professional
  • Yes - if you want to find out how the security in modern environments can scale up faster
  • Yes - if you want to be able to detect and prevent common security pitfalls

 What will I achieve by completing this training? 

 You will learn: 

  • The basics of DevSecOps and Threatmodeling
  • How to look at the overall security of a system (e.g. the application and the underlying infrastructure)
  • The basics of various available security tooling: SAST, DAST, iAST, RASP, WAF, dependency checkers, vulnerability managers, vulnerability scanners, compliancy automators
  • The various techniques available to validate the security posture of your system
  • The principles of immutable infrastructure in a security context
  • The various challenges on scaling your security automation
  • The basics of IaM and secrets management

 You will gain experience in: 

  • Taking care of your third party vulnerabilities 
  • Analyzing the code of your application 
  • Working with DAST tools 
  • Secrets management 
  • Selecting and testing the right tools for security in your pipeline 

What else should I know? 

  • Please bring a laptop with 8GB RAM or more, 24GB free hard-space drive and administrative access with the possibility to run VMs using VirtualBox and Docker containers
Get in touch
contact-us

Our team is at your service

Get in touch!

Or call +31 (0)35 538 1921