Network Intelligence - a 20-year old global cybersecurity services firm working across the domains of security ranging from assessment to advisory services to compliance consulting & certification for standards like PCI DSS, PA DSS, GDPR, ISO 27001. Apart from being a consulting arm to our clients, we do provide specialized training for professionals in the cybersecurity domain.
Network Intelligence has scheduled a 3 day training on DevOps Security called Certified DevOps Security Practitioner (CDSP). This training focuses on Embedding security into the DevOps processes is referred to as DevSecOps. While DevOps addresses the business need of rapidly delivering products and release code in order to satisfy customer demands, it is important that security must work in tandem with Agile and DevOps processes.
One such course that we have developed around the DevOps security is CDSP. The CDSP training is a 12 hours of online training spread across 3 days 4 hours each day and the workshop module is for 12 hours which includes 11 hours of training sessions followed by 1-hour online examination.
The Training details are under:
Below is the course outline of the training and attached is the training brochure for your reference.
Certified DevOps Security Practitioner (CDSP)– 3 Days course contents
• Intro DevOps Culture
• DevOps Principles
• Overview of DevOps Tools
• DevOps CI/CD Pipelining
• Security & Compliance Challenges in DevOps
• Security Compliance
• Cloud Service threats
• Rapid releases
• New Technology (Microservices)
• Case Study
• Shift Secure Left
• OWASP Proactive Controls
• Using Infrastructure as Code
• The ‘HoneyMoon’ Effect
• SDOMM or DSOMM(Maturity Model)
· Microservice Security
· What is Docker?
· Overview of Docker Components
· Security Concerns with Containers
· Attacking Docker Containers Misconfiguration(Hands-on)
· Auditing Docker Containers(Hands-on)
· Kubernetes Attacking and Defending
· Security Automation
· Security Policy
· Introduction to ansible(Iaac)
· Ansible overview
· Hands-on Security Automation
· Security challenges in CI/CD
· Case Study
· Injecting Security into CI/CD
· Hands-on Open Source Tools
(npm,owasp dependency checker,retire.js)any one
· Static Analaysis
· Hands-on Open Source Tools
(gitrob/trufflehog,open source static code scanner) any one
· Dynamic Analaysis
· Hands-on Open Source Tools (zap)
· Security Testing
· Git Attack & Best Pratice
· Jenkins Attack & Best Pratice
· Security Automation Compliance
· Hands-on Inspec
· Runtime Checks & Monitoring
· Netflix - Security Monkey’s
· WAF Intro
· Case Study (Microservice)
· Owasp Modsecurity
· Intro to Cloud –DevSecOps (AWS, Azure)
· Serverless Security
Please suggest your interest for the participation and do advise if you require any further information and I will be much happy to assist you.
Thank you and I look forward to your participation.
The SC Cyber Association , a 501(c)(6) non-profit that provides professional development and connection opportunities in the Palmetto State.
The SC Cyber Foundation , a 501(c)(3) non-profit that provides funding for cyber education in the Palmetto State.
CyberSC is a member affiliate of CyberUSA
802 Creekleaf Court
Columbia, SC 29212
(877) 627 - 7117
© 2022 CYBERSC