Applied DevSecOps
Startdata en plaatsen
placeLaapersveld 27, Hilversum 13 mei. 2024 tot 14 mei. 2024Toon rooster event 13 mei 2024, 09:00-17:00, Laapersveld 27, Hilversum, Dag 1 event 14 mei 2024, 09:00-17:00, Laapersveld 27, Hilversum, Dag 2 |
placeLaapersveld 27, Hilversum 3 okt. 2024 tot 4 okt. 2024Toon rooster event 3 oktober 2024, 09:00-17:00, Laapersveld 27, Hilversum, Dag 1 event 4 oktober 2024, 09:00-17:00, Laapersveld 27, Hilversum, Dag 2 |
Beschrijving
During this 2 day intense training you start of with a punch in threat-modeling to get a feeling of the importance of the vulnerabilities you find. After that, we will deep dive into the space of application security automation: starting with simple dependency checking, basics of SAST and then deep dive in other various scanners, after which we will do hands-on vulnerability management with Git and tools like DefectDojo. The next day, we take the plunge into infrastructure security automation with a focus on platform security (Docker, host security) and take a look at Identity & Access management, secrets management and security monitoring (through ELK).
Is the Applied DevSecOps training ri…
Veelgestelde vragen
Er zijn nog geen veelgestelde vragen over dit product. Als je een vraag hebt, neem dan contact op met onze klantenservice.
During this 2 day intense training you start of with a punch in threat-modeling to get a feeling of the importance of the vulnerabilities you find. After that, we will deep dive into the space of application security automation: starting with simple dependency checking, basics of SAST and then deep dive in other various scanners, after which we will do hands-on vulnerability management with Git and tools like DefectDojo. The next day, we take the plunge into infrastructure security automation with a focus on platform security (Docker, host security) and take a look at Identity & Access management, secrets management and security monitoring (through ELK).
Is the Applied DevSecOps training right for me?
- Yes - if you work as an Operations specialist, as a member of an SRE team or as a member of a platform team
- Yes - if you work as a security professional
- Yes - if you want to find out how the security in modern environments can scale up faster
- Yes - if you want to be able to detect and prevent common security pitfalls
What will I achieve by completing this training?
You will learn:
- The basics of DevSecOps and Threatmodeling
- How to look at the overall security of a system (e.g. the application and the underlying infrastructure)
- The basics of various available security tooling: SAST, DAST, iAST, RASP, WAF, dependency checkers, vulnerability managers, vulnerability scanners, compliancy automators
- The various techniques available to validate the security posture of your system
- The principles of immutable infrastructure in a security context
- The various challenges on scaling your security automation
- The basics of IaM and secrets management
You will gain experience in:
- Taking care of your third party vulnerabilities
- Analyzing the code of your application
- Working with DAST tools
- Secrets management
- Selecting and testing the right tools for security in your pipeline
What else should I know?
- Please bring a laptop with 8GB RAM or more, 24GB free hard-space drive and administrative access with the possibility to run VMs using VirtualBox and Docker containers
Scale up your skills
Boost your career
Get the training you need to succeed, in every IT field.
Learn from the world's leading experts with public and in-company
courses at Xebia Academy.
Blijf op de hoogte van nieuwe ervaringen
Deel je ervaring
Heb je ervaring met deze cursus? Deel je ervaring en help anderen kiezen. Als dank voor de moeite doneert Springest € 1,- aan Stichting Edukans.Er zijn nog geen veelgestelde vragen over dit product. Als je een vraag hebt, neem dan contact op met onze klantenservice.