DevSecOps Foundation (DSOF)℠ eLearning

• Organizations that wish to adopt DevSecOps’ best practices, strategies, or style of automation

• DevOps engineers/ leaders or Site reliability engineers looking to incorporate security measures into their current DevOps practices

• Engineers and managers interested in continuous delivery toolchain architectures

• Compliance and security staff aiming to contribute towards DevOps teams

• IT managers, directors, security professionals, practitioners, project and program managers, and corporate stakeholders seeking a greater understanding of the DevSecOps methodology

• Delivery, maintenance, and support staff, as well as quality assurance teams, software engineers, Scrum masters, release managers, testers, and so on

• Anyone looking to pass the DevSecOps Foundation (DSOF) examination

• The practices, benefits, and vocabulary of DevSecOps

• How the elements of DecSecOps differentiate it from other frameworks

• How to create business-driven strategies for security

• How DevSecOps integrates security into the continuous assessment practices of DevOps

• How to utilize data and security sciences when attempting to understand or apply data

• How to integrate DevSecOps into organizational cultures

• How to add security measures into continuous delivery workflows

• How DevSecOps enables organizational transformation

• Everything needed to pass the official DevSecOps Foundation (DSOF)℠ exam

Why should you take this course?

• The purpose, practices, benefits, concepts, and vocabulary of DevSecOps

• How DevSecOps differs from other security approaches

• How to create business-driven strategies for security

• How DevSecOps integrates security into the continuous assessment practices of DevOps and how DevSecOps fits in with DevOps cultures

• How to utilize data and security sciences when attempting to understand or apply data

• How to integrate DevSecOps into organizational cultures

• How to add security measures into continuous delivery workflows

• How DevSecOps engineers enable organizational transformation

• How to integrate high-level corporate stakeholders into DevSecOps practices/ pipelines

• How to enhance communication between Dec, Sec, and Ops teams

• Everything needed to pass the official DevSecOps Foundation exam

Module 0: Welcome to DevSecOps Foundation Learning Objectives

Module zero introduces you to the course’s main features, learning plan, aims and objectives, and structure. It also addresses some of the most frequently asked questions about DevSecOps.

This module also provides students with a toolkit:

• Table of contents
• DevOps Foundation reference sheet
• DevSecOps reference sheet
• Skills self-audit form
• Glossary
• Build your own glossary
• Further resources
• Diagram pack

Lastly, students will be given a complete exam information guide and a list of further literature that will be useful throughout the course.

Module 1: Realizing DevSecOps outcomes Learning Objectives

In module one, we take a look at the background and evolution of DevSecOps. We also cover CALMS and the Three Ways.

We also dive into issues and constraints associated with security and explore what is meant by the term ‘safety culture’.

Module 2: Defining the cyber threat landscape Learning Objectives

In module two, we move on to consider the concepts of threat modeling, supply chain hygiene, and continuous compliance.

We also look at common risks and vulnerabilities DevSecOps engineers have to deal with.

Module 3: Integrating DevSecOps stakeholders Learning Objectives

In this module, we explore what a ‘good’ culture looks like and how we can both understand cultural differences and close any cultural gaps within organizations.

We also examine the types of stakeholders involved in DevSecOps cultures, as well as the different metrics that are important to them, before concluding with a review of governance, flow, and control.

Module 4: Establishing DevSecOps practices Learning Objectives

In this module, we explore how you can set up DevSecOps practices.

We also cover the topics of continuous security, onboarding and resistance, the CI/CD pipeline, and both Cloud and Container security.

Module 5: Memory game Learning Objectives

This module includes a short memory game designed to test how many key terms and definitions you can recall from modules 1-4.

Module 6: Best practices to get started Learning Objectives

In module six, we address the best practices for flow, feedback, and learning.

Module 7: DevOps pipelines and continuous compliance Learning Objectives

Here, we dive into the DevOps pipeline, including the planning and construction activities associated with it.

We also explore the goals and the perils of the pipeline as well as continuous integration and delivery practices before considering how engineers can secure a pipeline.

Module 8: Building a responsive DevSecOps model Learning Objectives

In module eight, we move on to explore what we mean by the term ‘responsive’ and why it is important when operating in cyber threat landscapes.

We also analyze KPIs, measuring, and reporting before addressing how to implement a secure pipeline.

Module 9: Learning using outcomes Learning Objectives

Module 9 addresses the importance of continual learning and touches on principles like training as policy, learning communities, and the value of retrospective and innovative learning.

Module 10: Memory game Learning Objectives

This module includes a short memory game designed to test how many key terms and their definitions you can recall from modules 6-9.

Module 11: Course wrap-up Learning Objectives

This module concludes the course.

Module 12: Practice Exams Learning Objectives

The course comes with two practice exams to help students prepare for the official DevSecOps Foundation (DSOF) certification exam. The first one was developed by the DevOps Institute, while the second has been tailored by our team of experts at Good e-Learning.

Students are advised to become familiar with the testing environment before booking the official exam.

When you feel you are ready to sit the exam, simply contact Good e-Learning to request your FREE exam voucher.