30 November, 2023 – Hilversum, The Netherlands
Are you ready to automate security testing? You’ve landed on the perfect training! In just two intense days, immerse yourself in the world of DevSecOps. From threat modelling to vulnerability management, we’ve got your security needs covered.
09:00 – 17:00
What will you learn?
In today’s digital landscape, security cannot be an afterthought. With DevSecOps, you can rest assured that security is a priority from the start, preventing vulnerabilities from creeping into any part of your software development lifecycle.
This training will give you a thorough understanding of the principles and practices needed to seamlessly integrate security into your software development and deployment pipeline. You will learn to identify and address third-party security risks at any stage, from code creation to production deployment. The training covers topics like threat modeling, application security automation, vulnerability management, infrastructure security, identity and access management, secrets management, and security monitoring. Say goodbye to common security pitfalls and hello to a new era of safe technology!
- The basics of DevSecOps and threat modeling.
- How to use security tooling, like SAST, DAST, IAST, RASP, and WAF.
- Techniques to validate your system’s security posture.
- The principles of immutable infrastructure within a security context.
- Strategies for scaling your security automation.
- IaM and secrets management essentials.
We will kick off the training with an introduction to threat modeling to understand just how vulnerable organizations are and emphasize the importance of security. After that, we will dive into application security automation, starting with simple dependency checks and the basics of SAST. We will continue to explore various scanners and experience hands-on vulnerability management with Git and tools like DefectDojo.
On the second day, we will plunge into infrastructure security automation, focusing on platform security (Docker, host security), identity and access management, secrets management, and security monitoring with ELK.
- Hands-on vulnerability management: Learn to manage vulnerabilities hands-on with Git and tools like DefectDojo.
- Infrastructure security: Learn all about securing platforms, Docker, host security, identity and access management, secrets management, and security monitoring with ELK.
Who is it for
This training is designed for security professionals, operations specialists and members of SRE and/or platform teams. If this sounds like you and you want to know how to scale security faster and detect and avoid common security pitfalls — you’ve come to the right place!
Basic knowledge of the topic is beneficial.
Why should I do this training
Boost your security career
Learn security automation essentials.
Protect your organization
Master threat modeling and vulnerability management.
Acquire skills for scaling security in modern environments.
What does it look like?
should I know?
Materials included: We will provide all necessary study materials.
Lunch included: A delicious lunch and a variety of snacks are part of the deal!
Languages: Training is in English.
Laptop: Bring a laptop with > 8GB RAM, 24GB free hard drive space, and admin access for VMs using VirtualBox and Docker.
CPE: This training entitles you to 24 CPE points.
T&A: Travel and accommodation expenses are not included.
Meet our trainers
Marinus Kuivenhoven is a Security trainer and Head of Security Learning and Coaching at Xebia Academy.
Also interesting for youView all training courses
Join our Agile Threat Modeling training. Think like a hacker to prevent a hack. Learn how to protect your software the Agile way.
Defend against cyber threats. Join our Pentesting Web and API Training to master hacker tactics from the inside out.
Prepare for the CISSP® exam and become a skilled information security specialist with our comprehensive and practical CISSP® Preparation Course.
9 Jan, 2024
Unlock GCP security mastery. Get certified as a Professional GCP Security Engineer. Join us now!
Master secure coding in just one day. Learn to detect vulnerabilities and write better software. Join now!