Duração: 14 horas
Próxima Data: 15/12/2021 a 16/12/2021
Certificação Associada: N/A
Local: Lisboa e Porto
*Curso disponível em Live Training
Two Days hands-on training to automate security into a fast-paced DevOps environment using various open-source tools and scripts. Modern enterprises are implementing the technical and cultural changes required to embrace DevOps methodology by introducing practices such Continuous Integration (CI), Continuous Delivery (CD), Continuous Monitoring (CM) and Infrastructure as Code(IaC) .DevSecOps extends DevOps by introducing security in each of these practices giving a certain level of security assurance in the final product. In this training, we will demonstrate using our state-of-the-art DevSecOps Lab as to how to inject security in CI, CD, CM and IaC. Every delegate will be provided a personalized cloud setup of our DevSecOps lab for hands-on implementation of various security tools in the CI/CD/CM pipeline. Attendees will receive the DevSecOps Lab built using Vagrant and Ansible comprising the same tools and scripts as a takeaway.
Anybody with a background in IT or related to software development whether a developer or a manager can attend this course to get an insight about DevOps and DevSecOps.
Any device having a browser.
• Online Lab Setup
• Offline Lab Instructions
Module 1: Introduction to DevOps
• What is DevOps?
Module 2: Introduction to DevSecOps
• Challenges for Security in DevOps
• DevSecOps – Why, What and How?
• Vulnerability Management
Module 3: Continuous Integration
• Pre-Commit Hooks
• Secrets Management
Module 4: Continuous Delivery
• Software Composition Analysis (SCA)
• Static Analysis Security Testing (SAST)
• Dynamic Analysis Security Testing (DAST)
Module 5: Infrastructure As Code
• Vulnerability Assessment (VA)
• Container Security (CS)
• Compliance as Code (CaC)
Module 6: Continuous Monitoring
• Alerting and Monitoring
• Introduction to F-ELK
Module 7: DevSecOps in AWS
• DevOps on Cloud Native AWS
• AWS Threat Landscape
• DevSecOps in Cloud Native AWS
Module 8: DevSecOps Challenges and Enablers
• Challenges with DevSecOps
• Building DevSecOps Culture
• Security Champions
• Case Studies
• Where do we Begin?
• DevSecOps Maturity Model
Delegates Should Bring
• Any laptop with a browser
• In order to access our labs you’ll need an unfiltered direct
connection to the internet. Our labs will not be accessible from
behind a proxy or a firewalled internet connection
Students should bring a Laptop with Wifi connectivity and admin privileges.
The attendees will also receive a free DevSecOps tool-chest (designed by the NotSoSecure team) which can be directly implemented in most CI/CD pipelines.
06/04/2022 a 07/04/2022