Applied DevSecOps

3 October, 2024Hilversum, The Netherlands

2 days
In Person
Software Development

Are you ready to automate security testing? You’ve landed on the perfect training! In just two intense days, immerse yourself in the world of DevSecOps. From threat modelling to vulnerability management, we’ve got your security needs covered.

Book this training

Book now

Any questions?  

Michiel will gladly help you further with any personal or in-company needs you might have.

Get in touch


2 days


09:00 – 17:00









What will you learn?

In today’s digital landscape, security cannot be an afterthought. With DevSecOps, you can rest assured that security is a priority from the start, preventing vulnerabilities from creeping into any part of your software development lifecycle.  

This training will give you a thorough understanding of the principles and practices needed to seamlessly integrate security into your software development and deployment pipeline. You will learn to identify and address third-party security risks at any stage, from code creation to production deployment. The training covers topics like threat modeling, application security automation, vulnerability management, infrastructure security, identity and access management, secrets management, and security monitoring. Say goodbye to common security pitfalls and hello to a new era of safe technology!  

Key takeaways

  1. The basics of DevSecOps and threat modeling.  
  2. How to use security tooling, like SAST, DAST, IAST, RASP, and WAF.  
  3. Techniques to validate your system’s security posture.  
  4. The principles of immutable infrastructure within a security context.  
  5. Strategies for scaling your security automation. 
  6. IaM and secrets management essentials.  


We will kick off the training with an introduction to threat modeling to understand just how vulnerable organizations are and emphasize the importance of security. After that, we will dive into application security automation, starting with simple dependency checks and the basics of SAST. We will continue to explore various scanners and experience hands-on vulnerability management with Git and tools like DefectDojo.

On the second day, we will plunge into infrastructure security automation, focusing on platform security (Docker, host security), identity and access management, secrets management, and security monitoring with ELK.

  • Hands-on vulnerability management: Learn to manage vulnerabilities hands-on with Git and tools like DefectDojo. 
  • Infrastructure security: Learn all about securing platforms, Docker, host security, identity and access management, secrets management, and security monitoring with ELK. 

Who is it for

This training is designed for security professionals, operations specialists and members of SRE and/or platform teams. If this sounds like you and you want to know how to scale security faster and detect and avoid common security pitfalls — you’ve come to the right place! 


Basic knowledge of the topic is beneficial.  

Why should I do this training

Boost your security career

Learn security automation essentials.

Protect your organization

Master threat modeling and vulnerability management.

Be prepared

Acquire skills for scaling security in modern environments.

What else
should I know?

Course information

Materials included: We will provide all necessary study materials.

Lunch included: A delicious lunch and a variety of snacks are part of the deal!

Languages: Training is in English.

Laptop: Bring a laptop with > 8GB RAM, 24GB free hard drive space, and admin access for VMs using VirtualBox and Docker.

CPE: This training entitles you to 24 CPE points.

T&A: Travel and accommodation expenses are not included.

Meet our trainers

Marinus Kuivenhoven

Marinus Kuivenhoven is a Security trainer and Head of Security Learning and Coaching at Xebia Academy.

Also interesting for you

View all training courses
Agile Threat Modeling 

Join our Agile Threat Modeling training. Think like a hacker to prevent a hack. Learn how to protect your software the Agile way.

Marinus Kuivenhoven

Software Testing
1 day
In Person


4 Jul, 2024



View training
Pentesting Web and API Application Foundation Training  

Defend against cyber threats. Join our Pentesting Web and API Training to master hacker tactics from the inside out.

Marinus Kuivenhoven

Software Testing
2 days
In Person


24 – 25 Jun, 2024



View training
Certified Information Systems Security Professional (CISSP®) Preparation Course  

Prepare for the CISSP® exam and become a skilled information security specialist with our comprehensive and practical CISSP® Preparation Course.

10 days
In Person


24 May, 2024



View training
Security in Google Cloud Platform  

Unlock GCP security mastery. Get certified as a Professional GCP Security Engineer. Join us now!

Google Cloud Platform (GCP)
3 days
In Person


21 Oct, 2024



View training
Secure Coding Foundation Training  

Master secure coding in just one day. Learn to detect vulnerabilities and write better software. Join now!

Marinus Kuivenhoven

Back-End Development
Software Development
1 day
In Person


18 Oct, 2024



View training

Can’t find the course you’re looking for? There’s more!