DevSecOps Foundation (DSOF)- accredited training with exam
training code: ZP-DSOF-DOIen / ENG DL 2d / ENLearn the purpose, benefits, concepts, and vocabulary of DevSecOps including DevOps security strategies and business benefits.
With the rising number of data breaches and increased emphasis on data privacy regulations, organizations must prioritize security and compliance measures in everyday workflows.
THE AIM OF A TRAINING PROJECT:
- Learn the purpose, benefits, concepts, and vocabulary of DevSecOps including DevOps security strategies and business benefits. As companies deploy code faster and more often than ever, new vulnerabilities are also accelerating. When the boss says, “Do more with less”, DevOps practices adds business and security value as an integral, strategic component. Delivering development, security, and operations at the speed of business should be an essential component for any modern enterprise.
- Course topics covered include how DevSecOps provides business value, enhancing your business opportunities, and improving corporate value. The core DevSecOps principles taught can support an organizational transformation, increase productivity, reduce risk, and optimize resource usage.
- This course explains how DevOps security practices differ from other approaches then delivers the education needed to apply changes to your organization. Participants learn the purpose, benefits, concepts, vocabulary and applications of DevSecOps. Most importantly, students learn how DevSecOps roles fit with a DevOps culture and organization. At the course’s end, participants will understand “security as code” to make security and compliance value consumable as a service.
- No course would be complete without practical application and this course teaches the steps to integrate security programs from the developers and operators through the business C-level.
- Every stakeholder plays a part, and the learning material highlights how professionals can use these tools as the primary means of protecting the organization and customer through multiple case studies, video presentations, discussion options, and exercise material to maximize learning value. These real-life scenarios create tangible takeaways participants can leverage upon their return to the office.
- This course positions learners to pass the DevSecOps Foundation exam.
The target audience for the DevSecOps Foundation course are professionals including:
- Anyone involved or interested in learning about DevSecOps strategies and automation
- Anyone involved in Continuous Delivery toolchain architectures
- Compliance Team
- Business managers
- Delivery Staff
- DevOps Engineers
- IT Managers
- IT Security Professionals, Practitioners, and Managers
- Maintenance and support staff
- Managed Service Providers
- Project & Product Managers
- Quality Assurance Teams
- Release Managers
- Scrum Masters
- Site Reliability Engineers
- Software Engineers
- Testers
Benefits for Individuals:
- Understanding the contribution of DevSecOps to GRC and delivering business value
- Understanding that security and speed in software development are not inversely related objectives
- Internalizing the contribution of tools and automation in DevSecOps
- Understanding the role of culture in shifting security left
Benefits for Organizations:
- Developing software that is secure by design
- Improved assurance of meeting security, compliance, legal and regulatory requirements
- Frictionless relationship between security professionals and developers
- Better formed, scalable, and speed-aware security practices
The participants receive vouchers, which are valid for 6 months, for online exam.
Having completed the training, the participant receives an e-mail with guidelines how to register on the exam. The date is determined directly with PeopleCert, with the use of participant’s account.
Online exam is conducted in the presence of proctor – a person from PeopleCert, who connects remotely with training participant’s desktop and observes the course of exam via Internet camera.
The person who takes the exam is obliged to show the place where he is going to write the exam to proctor via Internet camera. Proctor checks if there are not any other persons and study aids in the room.
DevSecOps Foundation (DSOF) exam:
- Exam duration 60 minutes
- 40 multiple-choice questions
- Required 65%, 26 correct answers
- Opened book
Participants should have baseline knowledge and understanding of common DevOps definitions and principles.
- Training: English
- Materials: English
- Exam: English
- Access to a platform with accredited training materials
- Voucher for the DevSecOps Foundation (DSOF) online exam
Additional options:
- Take2 re-sit exam: 200 zł
Attention: purchasing this option is only possible through Altkom Academy before the training.
- Module 1: Realizing DevSecOps Outcomes
- Origins of DevOps
- Evolution of DevSecOps
- CALMS
- The Three Ways
- Module 2: Defining the Cyberthreat Landscape
- What is the Cyber Threat Landscape?
- What is the threat?
- What do we protect from?
- What do we protect, and why?
- How do I talk to security?
- Module 3: Building a Responsive DevSecOps Model
- Demonstrate Model
- Technical, business and human outcomes
- What’s being measured?
- Gating and thresholding
- Module 4: Integrating DevSecOps Stakeholders
- The DevSecOps State of Mind
- The DevSecOps Stakeholders
- What’s at stake for who?
- Participating in the DevSecOps model
- Module 5: Establishing DevSecOps Best Practices
- Start where you are
- Integrating people, process and technology and governance
- DevSecOps operating model
- Communication practices and boundaries
- Focusing on outcomes
- Module 6: Best Practices to get Started
- The Three Ways
- Identifying target states
- Value stream-centric thinking
- Module 7: DevOps Pipelines and Continuous Compliance
- The goal of a DevOps pipeline
- Why continuous compliance is important
- Archetypes and reference architectures
- Coordinating DevOps Pipeline construction
- DevSecOps tool categories, types and examples
- Module 8: Learning Using Outcomes
- Security Training Options
- Training as Policy
- Experiential Learning
- Cross-Skilling
- The DevSecOps Collective Body of Knowledge
- Preparing for the DevSecOps Foundation certification exam