PeopleCert DevSecOps
Course Description
PeopleCert DevSecOps:
fortify your DevOps process from security risks
The PeopleCert DevSecOps
certification has been designed to address the needs of professionals who want
to enable their organisation to integrate security across their entire DevOps
deployment pipeline.
What is DevSecOps?
DevSecOps is the integration of
security-related activities into the daily work of application development and
IT operations; security is built into the entire DevOps process and across the
four pillars of culture, automation, metrics, and sharing (CAMS, or CALMS with
the addition of Lean).
Which are the Key Goals of DevSecOps?
·
Deliver software rapidly and
cost-effectively
·
Encourage a proactive approach to
security issues
·
Eliminate Silos
·
Promote stronger collaboration and
teamwork between Dev, Sec, and Ops
·
Make everyone more accountable for
security
·
Ensure processes are repeatable
while also being adaptive
Is DevSecOps for me?
This certification has been designed
for all professionals working either in Software Development or IT Operations
in a DevOps environment and want to infuse security strategies and automation
in their deployment pipeline. Examples of roles include:
· Compliance Team
· Delivery Staff
· DevOps Engineers
· IT Managers
· IT Security Professionals, Practitioners, and Managers
· Maintenance and support staff
· Managed Service Providers
· Project & Product Managers
· Quality Assurance Teams
· Release Managers
· Scrum Masters
· Site Reliability Engineers
· Testers
The Certification can help:
4 + 1 reasons why you need a PeopleCert DevSecOps certification • Help your organisation adopt best DevSecOps practices • Understand the necessary security elements for safe operation • Learn the skills and traits of effective DevSecOps professionals • Practical, interactive, lightweight • Get certified anytime, anyplaceLearning Outcomes
What will you learn?
DevOps Essentials
Learn what DevOps is, it’s key principles and concepts, the business and IT challenges it tries to address, the importance of the three ways, the five ideals of DevOps, and how to define DevSecOps.
Information Security
Get a deep dive into the in Confidentiality, Integrity, Availability, Types of Attacks, and Adversaries and their Weapons.
DevSecOps
Understand how security is implied in DevOps, how DevOps and Security teams can coexist, and the three Layers of DevSecOps.
Layer One – Security Education
Learn about the Critical Nature of Security Education, Security Champions, Formal Learning, Pair Programming and Peer Reviews, Informal Learning, Security Standards, Best Practices, and Regulations
Layer Two – Security by Design
Learn about the Importance of Core Application Security Design Principles, Threat Modeling, Clean Code and Rugged DevOps, Naming Conventions, Common Weakness Lists, Container Technologies, and Pipeline Building and Securing
Layer Three – Security Automation
Learn about Security Automation, Pyramid of Security Testing, and Vulnerability Management.
The Foundation for DevSecOps
Learn about Technical Debt Reduction, Measurement and Adjustment, and DevSecOps as Culture
Exam Format
- Multiple choice examination questions
- 40 questions
- 28 marks required to pass (out of 40 available) – 70%
- 60 minutes’ duration
- book