DevSecOps Foundation (DSOF) [DEVSOF]

OVERVIEW

As companies deploy code faster and more often than ever, new vulnerabilities are also accelerating. When the boss says, “Do more with less”, DevOps practices adds business and security value as an integral, strategic component. Delivering development, security, and operations at the speed of business should be an essential component for any modern enterprise. Course topics covered include how DevSecOps provides business value, enhancing your business opportunities, and improving corporate value. The core DevSecOps principles taught can support an organizational transformation, increase productivity, reduce risk, and optimize resource usage.

This course explains how DevOps security practices differ from other approaches then delivers the education needed to apply changes to your organization. Participants learn the purpose, benefits, concepts, vocabulary and applications of DevSecOps. Most importantly, students learn how DevSecOps roles fit with a DevOps culture and organization. At the course’s end, participants will understand “security as code” to make security and compliance value consumable as a service.

No course would be complete without practical application and this course teaches the steps to integrate security programs from the developers and operators through the business C-level. Every stakeholder plays a part and the learning material highlights how professionals can use these tools as the primary means of protecting the organization and customer through multiple case studies, video presentations, discussion options, and exercise material to maximize learning value. These real-life scenarios create tangible takeaways participants can leverage upon their return to the home office. This course positions learners to pass the DevSecOps Foundation exam.

OBJECTIVES

The learning objectives include a practical understanding of:
? The purpose, benefits, concepts, and vocabulary of DevSecOps

? How DevOps security practices differ from other security approaches

? Business-driven security strategies and Best Practices

? Understanding and applying data and security sciences

? Integrating corporate stakeholders into DevSecOps Practices

? Enhancing communication between Dev, Sec, and Ops teams

? How DevSecOps roles fit with a DevOps culture and organization

AUDIENCE

The target audience for the DevSecOps Foundation course are professionals including:

? Anyone involved or interested in learning about DevSecOps strategies and automation

? Anyone involved in Continuous Delivery toolchain architectures

? Compliance Team

? Business managers

? Delivery Staff

? DevOps Engineers

? IT Managers

? IT Security Professionals, Practitioners, and Managers

? Maintenance and support staff

? Managed Service Providers

? Project & Product Managers

? Quality Assurance Teams

? Release Managers

? Scrum Masters

? Site Reliability Engineers

? Software Engineers

? Testers

CERTIFICATION

Successfully passing (65%) the 60-minute examination, consisting of 40 multiple-choice questions, leads to the candidate’s designation as DevSecOps Foundation (DSOF) certified. The certification is governed and maintained by DevOps Institute.

NEXT STEP

DevSecOps Practitioner highly recommended.

CONTENT

What Skills & Knowledge Will You Validate?

Why DevSecOps?
Culture and Management
Strategic Considerations
General Security Considerations
IAM: Identity & Access Management
Application Security
Operational Security
Governance, Risk, Compliance (GRC) and Audit
Logging, Monitoring, and Response