Certified DevOps Security Practitioner (CDSP) Training

Network Intelligence has scheduled a 3 day training on DevOps Security called Certified DevOps Security Practitioner (CDSP). This training focuses on Embedding security into the DevOps processes is referred to as DevSecOps. While DevOps addresses the business need of rapidly delivering products and release code in order to satisfy customer demands, it is important that security must work in tandem with Agile and DevOps processes.

DevOps addresses the traditional silos between Development and Operations, DevSecOps seeks to address the silos between Dev, Ops and Security teams. Automated application security further facilitates reducing friction and removing bottlenecks in the CI/CD cycle.

In this course, we will be learning how DevSecOps is implemented in a company by using various programming languages and open source tools. It will be helpful to jumpstart in understanding and exposure to various security automation possibilities which can be integrated in DevOps related to application or infrastructure security.

One such course that we have developed around the DevOps security is CDSP. The CDSP training is a 12 hours of online training spread across 3 days 4 hours each day and the workshop module is for 12 hours which includes 11 hours of training sessions followed by 1-hour online examination.

Training Details:


Americas & Europe:

  • Date: September 20 - 22, 2021
  • Timing: 1:00 Pm – 5:00 Pm (GMT)
  • Duration: 4 hours for 3 days (12 hours of online training)
  • Mode: Online - Microsoft Teams
  • Fees:
    • USD $ 200 for Non ISACA/ISC2 Members
    • USD $ 160 for ISACA/ISC2 Members
Register your interest


Asia & Middle East

  • Date: September 27 - 29, 2021
  • Timing: 6:00 Am – 10:00 Am (GMT)
  • Duration: 4 hours for 3 days (12 hours of online training)
  • Mode: Microsoft Teams
  • Fees:
    • USD $ 200 for Non ISACA/ISC2 Members
    • USD $ 160 for ISACA/ISC2 Members
Register your interest

Certified DevOps Security Practitioner (CDSP)– 3 Days course contents
Module 1:
  • Intro DevOps Culture
  • DevOps Principles
  • Overview of DevOps Tools
  • DevOps CI/CD Pipelining
  • Security & Compliance Challenges in DevOps
    • Regulation
    • Security Compliance
    • Cloud Service threats
    • Rapid releases
    • New Technology (Microservices)
Module 2:
  • Case Study
  • Shift Secure Left
  • OWASP Proactive Controls
  • Using Infrastructure as Code
  • The ‘HoneyMoon’ Effect
  • SDOMM or DSOMM(Maturity Model)
Module 3:
  • Security challenges in CI/CD
  • Case Study
  • Injecting Security into CI/CD
  • Hands-on Open Source Tools (npm,owasp dependency checker,retire.js)any one
  • Static Analaysis
  • Hands-on Open Source Tools (gitrob/trufflehog,open source static code scanner) any one
  • Dynamic Analaysis
  • Hands-on Open Source Tools (zap)
  • Security Testing
  • Git Attack & Best Pratice
  • Jenkins Attack & Best Pratice
Module 4:
  • Microservice Security
  • What is Docker?
  • Overview of Docker Components
  • Security Concerns with Containers
  • Attacking Docker Containers Misconfiguration(Hands-on)
  • Auditing Docker Containers(Hands-on)
  • Kubernetes Attacking and Defending
Module 5:
  • Security Automation
  • CaseStudy
  • Security Policy
  • Framework(BDD,Robot)
  • Introduction to ansible(Iaac)
  • Ansible overview
  • Hands-on Security Automation
Module 6:
  • Security Automation Compliance
  • Hands-on Inspec
  • Runtime Checks & Monitoring
  • Netflix - Security Monkey’s
Module 7:
  • WAF Intro
  • Case Study (Microservice)
  • Owasp Modsecurity
  • Intro to Cloud –DevSecOps (AWS, Azure)
  • Serverless Security
Sample Certificate:

 

Terms & Conditions:
  • Fees, speakers and date are subject to change.
  • Any cancellations received within the last ten calendar days would be liable for 50% of the course fees. Cancellations must be received in writing at least one week prior to course commencement. No-shows would be fully charged.
  • Registered attendees who are unable to attend the above course can send replacements subject to one week’s notification. * Membership fee applies.
Privacy Notice:

We are committed to respecting your privacy and we recognize the importance of protecting the information collected about you. All of the personal information that you have submitted during the registration shall only be processed in relation to your attendance to this event (i.e., processing of payments, issuance of certificate, sending of any announcements, future events and activities). All the information that you have provided in relation to this event shall be protected with reasonable and appropriate measures and shall only be retained as long as necessary in its processing.