DevSecOps: Pragmatic Implementation

Purchase of a course from CSA’s Knowledge Center ensures access to the material for up to one year from the date of purchase. This course is estimated to take approximately 3.2 hour(s) to complete. After completion, you will receive a certificate for each course with the hour(s) listed that may be submitted for possible CPE credits.

For more information regarding the calculation of course length and CPE credits, please refer to our FAQ. 

This self-paced course provides learners with a framework-agnostic approach to pragmatically embed security within any software development lifecycle (SDLC) to foster safety, privacy, and trust in the digital environment. This Training explores the significance of proactive security measures and provides a deep dive into the success factors for transformation. Part 1 covers the first three SDLC stages: Design and Architecture, Coding, and Integration and Test

Additionally, this course explores the significance of secure deployment practices, such as secure coding, and the nuances of runtime security and incident management. Part 2 covers the last two stages of the SDLC: Delivery and Deployment, and Runtime. 

After completing this course, learners will be able to:

• Understand the significance of triggers and security in three stages of the SDLC
• Identify potential security threats, evaluate them, and then devise countermeasures
• Explain the value of proactive security measures, such as secure coding, threat modeling, and software composition analysis (SCA), to prevent vulnerabilities and ensure robust software design
• Summarize various methodologies and tools used to test applications, systems, and networks security, while underscoring the value of proactive security measures to prevent vulnerabilities, data breaches, and other security threats

This course is a great fit for anyone in the following roles:

• Anyone involved in the management and operational functions of risk, information security and information technology
• CISOs, CIOs, CTOs, and those leading digital transformation initiatives
• Application, platform, and security engineers and architects 

Prerequisites:

Students must have an understanding of the following topics before taking this course:

• Basics of SDLC
• Introductory concepts of DevSecOps
• Fundamental knowledge of digital security practices

It is highly recommended that students complete the following course(s) before taking this one: 

• DevSecOps: Collective Responsibility
• DevSecOps: Bridging Compliance & Development
• DevSecOps: Automation