Implementing DevSecOps
- Learn how to build security into your DevOps process
- Learn how to use security requirements to plan your testing efforts
- Explore key aspects of security testing – web security, threat modeling, risk assessment
- Learn how security testing can be effectively leveraged within a DevOps pipeline
- Understand how DevSecOps builds upon DevOps practices
- Understand how technical and automation skills can be leveraged in your DevSecOps efforts
- Develop practical experience through the completion of hands-on exercises
Your organization has started moving toward a DevOps way of thinking and working, and you have started to set up a delivery pipeline. However, you realize that security testing is missing from your pipeline, and you know that testing for security early and often is an important part of ensuring that your system is free from vulnerabilities.
If you are looking for a way to include security testing in your pipeline and turn your DevOps practice into a DevSecOps practice, then this course is for you. You will learn how DevSecOps builds upon the principles and practices of DevOps and how to integrate security testing tools into the various stages of the pipeline. This course will give you hands-on practice with configuring and using these tools so that you will be prepared to introduce DevSecOps to your own organization.
Who Should Attend?
This course is appropriate for software professionals who are involved with development, testing, security, and operations and who want to incorporate security testing into their organization’s pipeline. Because this course has a heavy focus on hands-on exercises, it is most appropriate for practitioners and will not be tailored toward management or leadership.
Tom Stiehm has been developing applications and managing software development teams for over twenty years. As CTO of Coveros, he is responsible for the oversight of all technical projects and integrating new technologies and testing practices into software development projects. Recently, Tom has been focusing on how to incorporate DevSecOps and agile best practices into projects and how to achieve a balance between team productivity and cost while mitigating project risks. One of the best risk mitigation techniques Tom has found is leveraging DevSecOps and agile testing practices into all aspects of projects. Previously, as a managing architect at Digital Focus, Thomas was involved in agile development and found that agile is the only methodology that makes the business reality of constant change central to the process.