Module 1: Agile/DevOps Foundation Review
What is Agile/DevOps?
DevOps Goals
DevOps Values
DevOps Stakeholders
Module 2: Why SecDevOps?
Key terms and concepts
Why SecDevOps is important
3 Ways to think about DevOps + Security
Key principles of SecDevOps
SecDevOps security-first philosophy
SecDevOps evolution from DevSecOps
Module 3: Culture and Management
Key terms and concepts
How much security is enough?
Threat modelling
Context is everything
High-velocity risk management
Team security profiling
Module 4: General Security Considerations
Avoiding the checkbox trap
Basic security hygiene
Architectural considerations
Federated identity
Log management
Module 5: Feature and Security Workflow
Configuration management
Centralised workflow
Workflow branch classifications
Pre- and post-commit
Deployment and release orchestration
Module 6: Acquisition Lifecycle Security
Needs Phase requirements vs. security
Acquisition Review Board (ARB)
Analyse/Select Phase measurement metrics
Obtain Phase life cycle
Planning and scheduling
Dispose Phase concerns
Module 7: Identity and Access Management (IAM)
Key terms and concepts
Identity and Access Management (IAM) basic concepts
Why IAM is important
Implementation guidance
Automation opportunities
How to hurt yourself with IAM
Module 8: Application Security
Application Security Testing (AST)
Testing Techniques
Prioritising Testing Techniques
Issue Management Integration
Threat Monitoring
Leveraging Automation
Secure coding and Open Web Application Security Project (OWASP) compliance
Module 9: Operational Security
Key terms and concepts
Basic security hygiene practices
Role of operations management
The Ops environment
Embracing fail-early, fail-first
Security infrastructure as code
Module 10: Cross-Team Security
Key terms and concepts
Establishing trust
Promoting shared responsibility
Team verification techniques
Embedded point-of-contact
Security, development, and operations sprints
Module 11: Roles and Responsibilities
SecDevOps Coach
Product Owner Expanded Responsibilities
Programme and Project Manager
Information System Security Officer (ISSO)
SecDevOps Engineer
Site Reliability Engineer
Module 12: Governance, Risk, Compliance (GRC) Audit
Key terms and concepts
What is GRC?
Why care about GRC?
Rethinking policies
Policy as code
Shifting audit left
Three myths of segregation of duties vs. DevOps
Module 13: Logging, Monitoring, and Response
Key terms and concepts
Setting up log management
Incident response and forensics
Threat intelligence and information sharing
Module 14: Continual Improvement
Retrospectives
Continuous learning
Open Collaboration (including security)
Shared intelligence
Module 14: Review and Summary
Exam review
Key course concepts
Next steps