Cursos

DevSecOps

1,125.00 +Iva

Dias: 2
Duração: 14 horas
Próxima Data: 15/12/2021 a 16/12/2021
Área: Cybersecurity
Certificação Associada: N/A
Local: Lisboa e Porto

*Curso disponível em Live Training

Quero inscrever-me
REF: NSSDSO Categoria: Etiqueta:

Descrição

Two Days hands-on training to automate security into a fast-paced DevOps environment using various open-source tools and scripts. Modern enterprises are implementing the technical and cultural changes required to embrace DevOps methodology by introducing practices such Continuous Integration (CI), Continuous Delivery (CD), Continuous Monitoring (CM) and Infrastructure as Code(IaC) .DevSecOps extends DevOps by introducing security in each of these practices giving a certain level of security assurance in the final product. In this training, we will demonstrate using our state-of-the-art DevSecOps Lab as to how to inject security in CI, CD, CM and IaC. Every delegate will be provided a personalized cloud setup of our DevSecOps lab for hands-on implementation of various security tools in the CI/CD/CM pipeline. Attendees will receive the DevSecOps Lab built using Vagrant and Ansible comprising the same tools and scripts as a takeaway.

Destinatários

Anybody with a background in IT or related to software development whether a developer or a manager can attend this course to get an insight about DevOps and DevSecOps.

Any device having a browser.

Programa

Lab Setup
• Online Lab Setup
• Offline Lab Instructions

Module 1: Introduction to DevOps 

• What is DevOps?

Module 2: Introduction to DevSecOps

• Challenges for Security in DevOps
• DevSecOps – Why, What and How?
• Vulnerability Management

Module 3: Continuous Integration

• Pre-Commit Hooks
• Secrets Management

Module 4: Continuous Delivery

• Software Composition Analysis (SCA)
• Static Analysis Security Testing (SAST)
• Dynamic Analysis Security Testing (DAST)

Module 5: Infrastructure As Code

• Vulnerability Assessment (VA)
• Container Security (CS)
• Compliance as Code (CaC)

Module 6: Continuous Monitoring

• Alerting and Monitoring
• Introduction to F-ELK

Module 7: DevSecOps in AWS

• DevOps on Cloud Native AWS
• AWS Threat Landscape
• DevSecOps in Cloud Native AWS

Module 8: DevSecOps Challenges and Enablers

• Challenges with DevSecOps
• Building DevSecOps Culture
• Security Champions
• Case Studies
• Where do we Begin?
• DevSecOps Maturity Model

Pré-requisitos

Delegates Should Bring
• Any laptop with a browser
• In order to access our labs you’ll need an unfiltered direct
connection to the internet. Our labs will not be accessible from
behind a proxy or a firewalled internet connection

Students should bring a Laptop with Wifi connectivity and admin privileges.

The attendees will also receive a free DevSecOps tool-chest (designed by the NotSoSecure team) which can be directly implemented in most CI/CD pipelines.

Outras datas

06/04/2022 a 07/04/2022