DevSecOps Training

  • Learn via: Classroom / Virtual Classroom / Online
  • Duration: 3 Days
  • Download PDF
  • We can host this training at your preferred location. Contact us!
Upcoming Training

08 March 2021

3 Days

Modern enterprises are implementing the technical and cultural changes required to embrace DevOps methodology. DevSecOps extends DevOps by introducing security early into the SDLC process, thereby minimizing the security vulnerabilities and enhancing the software security posture. In this workshop, updated for 2020, we will show how this can be achieved through a series of live demonstrations and practical examples.

As part of this workshop attendees will receive a state-of-the-art DevSecOps tool-chest comprising of various open-source tools and scripts to help the DevOps engineers in automating security within the CI/CD pipeline. While the workshop uses Java/J2EE framework, the workshop is language agnostic and similar tools can be used against other application development frameworks.

DevSecOps Workshop, which will give the target audience a holistic approach in assessing and securing the web applications in an automated fashion within the existing CI/CD pipeline, can be attended by DevOps engineers, security and solutions architects, system administrators and anybody who is willing to inject security aspects in their DevOps process.

The DevSecOps process will help to:

  • Create a security culture/mind-set amongst the already integrated “DevOps” team
  • Find and fix security bugs as early in SDLC as possible
  • The culture promotes the philosophy “security is everyone’s problem”
  • Integrate all security software centrally and utilize the results more effectively
  • Measure and shrink the attack surface

DevSecOps Workshop, which will give the target audience a holistic approach in assessing and securing the web applications in an automated fashion within the existing CI/CD pipeline, can be attended by DevOps engineers, security and solutions architects, system administrators and anybody who is willing to inject security aspects in their DevOps process.

The following topics will be covered encompassing the entire Secure DevOps pipeline

  • Introduction and overview of DevOps
  • What and Why of DevSecOps ?
  • Integrating Security in CI/CD
  • Vulnerability Management using Archerysec
  • Secret Management using Vault, Jenkins and Docker Secrets
  • Security in Developer Workstations: Pre-Commit Hooks using Talisman
  • Software Composition Analysis using Dependency-Checker
  • SAST – Static Application Security Testing using FindSecBugs
  • DAST – Dynamic Application Security Testing using ZAP and OpenVAS
  • Compliance as Code using Inspec
  • Security in Infrastructure as a Code using Clair
  • Monitoring and Feedback using Modsecurity WAF
  • DevSecOps in AWS
  • Challenges in DevSecOps
  • DevSecOps Enablers

The attendees will also receive a free DevSecOps tool-chest (designed by the NotSoSecure team) which can be directly implemented in most CI/CD pipelines.



Contact us for more detail about our trainings and for all other enquiries!

Upcoming Trainings

Join our public courses in our Istanbul, London and Ankara facilities. Private class trainings will be organized at the location of your preference, according to your schedule.

08 March 2021

3 Days
Classroom / Virtual Classroom

Istanbul, Ankara, London
Istanbul, Ankara, London

17 May 2021

3 Days
Classroom / Virtual Classroom

Istanbul, Ankara, London
Istanbul, Ankara, London

01 July 2021

3 Days
Classroom / Virtual Classroom

Istanbul, Ankara, London
Istanbul, Ankara, London

27 September 2021

3 Days
Classroom / Virtual Classroom

Istanbul, Ankara, London
Istanbul, Ankara, London

22 November 2021

3 Days
Classroom / Virtual Classroom

Istanbul, Ankara, London
Istanbul, Ankara, London

Related Trainings

Secure by Design

With the increase in cyber-attacks on business, it's time to start building security into new...

  • Classroom
  • Virtual Classroom
  • Online

3 Day