Thank you for sending your enquiry! One of our team members will contact you shortly.
Thank you for sending your booking! One of our team members will contact you shortly.
Course Outline
Introduction to DevSecOps and the ECDE Framework
- DevSecOps fundamentals and core principles
- Security challenges within DevOps environments
- Overview of the ECDE exam structure and key domains
Building a Secure DevOps Culture and Mindset
- Treating security as a shared responsibility
- Shifting security left throughout the SDLC
- Aligning stakeholders and defining team roles
Integrating Security into CI/CD Pipelines
- Securing Jenkins, GitLab CI, and Azure DevOps pipelines
- Managing secrets and configuring environments securely
- Ensuring secure container builds and conducting image scanning
Application Security within DevSecOps
- Static and dynamic application security testing (SAST/DAST)
- Open-source dependency scanning using SCA tools
- Conducting secure code reviews and adhering to secure coding practices
Infrastructure as Code and Cloud Security
- Securing Terraform, Ansible, and Kubernetes configurations
- Implementing IAM and policy-as-code
- Applying DevSecOps in hybrid and multi-cloud environments
Monitoring, Compliance, and Incident Readiness
- Security monitoring and logging within CI/CD pipelines
- Automating compliance with standards such as NIST, ISO, and SOC 2
- Establishing automated remediation and incident response workflows
ECDE Exam Preparation and Final Capstone Lab
- ECDE exam structure and preparation strategies
- Capstone DevSecOps pipeline laboratory exercise
- Knowledge checks and readiness assessments
Summary and Next Steps
Requirements
- Understanding of basic DevOps workflows and tools
- Familiarity with the software development lifecycle (SDLC)
- Knowledge of application security principles is beneficial
Target Audience
- DevOps engineers
- Application security professionals
- Software developers integrating security into their pipelines
28 Hours
Testimonials (3)
Experience sharing, it's teacher's know-how and valuable.
Carey Fan - Logitech
Course - C/C++ Secure Coding
The really lot of extra tools that was mentioned and the real life examples form Mane's experience.
Tamas Adam - Ericsson
Course - Certified Ethical Hacker CEH v.13 AI
the knowledge of the trainer was very high - he knew what he was talking about, and knew the answers to our questions