DevSecOps+ Program

DevSecOps+ course is offered by CyberForge Academy. Our instructors are experienced, qualified and have experience in developing/deploying/securing SaaS. At CyberForge Academy, we envision a world where everyone has the opportunity to learn and grow with the rapid advancements in technology.

Our vision is to be a catalyst for change, fostering a global community of learners, innovators, and leaders who are prepared to tackle the challenges of tomorrow.

Syllabus:

• Module 1: Introduction to DevOps and DevSecOps
• Understanding DevOps principles
• Introduction to DevSecOps
• The importance of security in the DevOps lifecycle
• Cultural changes and collaboration
• Module 2: Secure Development Practices
• Secure coding practices
• Application security testing (SAST, DAST, IAST)
• Threat modeling in the development phase
• Security in code repositories and version control
• Module 3: Security in Continuous Integration and Continuous Deployment
• Integrating security tools in CI/CD pipelines
• Automating security testing in CI/CD
• Managing secrets and credentials securely
• Container security in CI/CD workflows
• Module 4: Infrastructure as Code Security
• Security in provisioning and managing infrastructure
• Using Terraform, Ansible, and other IaC tools securely
• Scanning Infrastructure as Code for vulnerabilities
• Module 5: Compliance and Security Standards
• Understanding compliance in DevSecOps
• Implementing security standards and policies
• Automated compliance checks
• Module 6: Monitoring, Logging, and Incident Response in DevSecOps
• Real-time monitoring and alerting
• Log management and analysis
• Incident response in a DevOps environment
• Security Information and Event Management (SIEM) integration
• Module 7: Cloud Security in DevSecOps
• Security considerations in cloud environments (AWS, Azure, GCP)
• Cloud-native security tools and practices
• Securing cloud infrastructure and applications
• Module 8: Advanced Topics in DevSecOps
• Microservices security
• API security in DevSecOps
• Security in serverless architectures
• Emerging trends and technologies in DevSecOps