Log in

Back

Certified DevOps Security Practitioner (CDSP)

Start
20 Sep 2021
1:00 PM
End
22 Sep 2021
5:00 PM
Location
Online

Network Intelligence - a 20-year old global cybersecurity services firm working across the domains of security ranging from assessment to advisory services to compliance consulting & certification for standards like PCI DSS, PA DSS, GDPR, ISO 27001. Apart from being a consulting arm to our clients, we do provide specialized training for professionals in the cybersecurity domain.

Network Intelligence has scheduled a 3 day training on DevOps Security called Certified DevOps Security Practitioner (CDSP). This training focuses on Embedding security into the DevOps processes is referred to as DevSecOps. While DevOps addresses the business need of rapidly delivering products and release code in order to satisfy customer demands, it is important that security must work in tandem with Agile and DevOps processes.

One such course that we have developed around the DevOps security is CDSP. The CDSP training is a 12 hours of online training spread across 3 days 4 hours each day and the workshop module is for 12 hours which includes 11 hours of training sessions followed by 1-hour online examination.

The Training details are under:

· Date: : September 20 - 22, 2021
· Time: 1 00 PM – 5 00 PM (GMT)
· Duration : 4 hours for 3 days (12 hours of online training)
· Mode: Online - Microsoft Teams

· Cost: USD $ 200 for Non Members
o USD $ 160 for Members
· Registration link : https://forms.office.com/r/vdZL1BKpK4

Below is the course outline of the training and attached is the training brochure for your reference.

Certified DevOps Security Practitioner (CDSP)– 3 Days course contents

Module 1:

• Intro DevOps Culture

• DevOps Principles

• Overview of DevOps Tools

• DevOps CI/CD Pipelining

• Security & Compliance Challenges in DevOps

• Regulation

• Security Compliance

• Cloud Service threats

• Rapid releases

• New Technology (Microservices)

Module 2:

• Case Study

• Shift Secure Left

• OWASP Proactive Controls

• Using Infrastructure as Code

• The ‘HoneyMoon’ Effect

• SDOMM or DSOMM(Maturity Model)

Module 4

· Microservice Security

· What is Docker?

· Overview of Docker Components

· Security Concerns with Containers

· Attacking Docker Containers Misconfiguration(Hands-on)

· Auditing Docker Containers(Hands-on)

· Kubernetes Attacking and Defending

Module 5:

· Security Automation

· CaseStudy

· Security Policy

· Framework(BDD,Robot)

· Introduction to ansible(Iaac)

· Ansible overview

· Hands-on Security Automation

Module 3

· Security challenges in CI/CD

· Case Study

· Injecting Security into CI/CD

· Hands-on Open Source Tools
(npm,owasp dependency checker,retire.js)any one

· Static Analaysis

· Hands-on Open Source Tools
(gitrob/trufflehog,open source static code scanner) any one

· Dynamic Analaysis

· Hands-on Open Source Tools (zap)

· Security Testing

· Git Attack & Best Pratice

· Jenkins Attack & Best Pratice

Module 6:

· Security Automation Compliance

· Hands-on Inspec

· Runtime Checks & Monitoring

· Netflix - Security Monkey’s

Module 7:

· WAF Intro

· Case Study (Microservice)

· Owasp Modsecurity

· Intro to Cloud –DevSecOps (AWS, Azure)

· Serverless Security

Please suggest your interest for the participation and do advise if you require any further information and I will be much happy to assist you.

Thank you and I look forward to your participation.

REGISTRATION

The SC Cyber Association , a 501(c)(6) non-profit that provides professional development and connection opportunities in the Palmetto State.

The SC Cyber Foundation , a 501(c)(3) non-profit that provides funding for cyber education in the Palmetto State.

CyberSC is a member affiliate of CyberUSA

CONTACT US

802 Creekleaf Court

Columbia, SC 29212

(877) 627 - 7117