DevSecOps Practice

This is a “Practice by Doing” module - participants will have hands-on practice in a simulated environment to apply what they have learned.

Dates: To Be Advised
This module is available on a standalone basis.

Learning Activities:

• Acquire a good understanding of the role of security in DevSecOps practice

• Learn how continuous integration and continuous delivery (CI/ CD) is applied in DevOps and cybersecurity requirements

• Understand how to incorporate the DevSecOps practice in the security design and requirements phases of the application development lifecycle

• Gain exposure to Open Source DevOps tools such as Puppet, Chef, Ansible through hands-on exercises

Topic/ Structure:

• 1. Why DevOps practice is not complete without taking into account the security
• 2. Security by Design Framework (Ref: CSA)
• 3. DevSecOps and S-SDLC – how are they related
• 4. Use cases – how to embed cyber security requirements into DevOps delivery pipeline

Prerequisites:

• Participants should have basic IT knowledge and fundamentals of cybersecurity