EC-Council DevSecOps Essentials (DSE)

Skip to Scheduled Dates

Course Overview

The DevSecOps Essentials program will provide you with the foundation knowledge and essential aspects of secure application development, or DevSecOps. In this course, you will gather key insights into identifying application development risk and securing and testing applications within on-premises, cloud providers, and hybrid infrastructures. Put your newly acquired abilities to the test in an exhilarating Capstone project to develop the hands-on proficiencies essential for success in your cyber professional role. After completing this program, you will be prepared to move toward a career in secure application development.

Who Should Attend

  • School students, graduates, professionals, career starters and changers, IT / Technology / Cybersecurity teams with little or no work experience.
  • Anyone who wants to start a career in cybersecurity, application security, and development and is interested in cloud technology.
  • Any professional involved in developing, testing, and deploying applications to production environments, including on-premises, public cloud, and hybrid environments.
  • This program is also beneficial for application developers, risk managers, project managers, application administrators, administrators, engineers, and architects.

Course Objectives

    • Learn the fundamentals of application development.
    • Gain knowledge of application security.
    • Understand DevOps and DevSecOps.
    • Explore the DevSecOps toolchain.
    • Gain insights into DevSecOps and CI/CD pipelines.
    • Learn about implementing and using tools for DevSecOps in CI/CD pipelines.

Course Outline

Module 1: Application Development Concepts

  • History of Application Development
  • Evolution of Application Development Methodologies
  • Introduction to Application Architectures
  • Introduction to the Application Development Lifecycle
  • Application Testing and Quality Assurance
  • Application Monitoring, Maintenance, and Support

Module 2: Application Security Fundamentals

  • What is Secure Application Development
  • Need for Application Security
  • Common Application Security Risks and Threats
  • OWASP Top 10
  • Application Security Techniques
  • Secure Design Principles
  • Threat Modeling
  • Secure Coding
  • Secure Code Review
  • SAST and DAST Testing
  • Secure Configurations
  • Educating Developers
  • Role of Risk Management in Secure Development
  • Project Management Role in Secure Application Development

Module 3: Introduction to DevOps

  • Introduction to DevOps
  • DevOps Principles
  • DevOps Pipelines
  • DevOps and Project Management

Module 4: Introduction to DevSecOps

  • Understanding DevSecOps
  • DevOps vs. DevSecOps
  • DevSecOps Principles
  • DevSecOps Culture

Module 5: Introduction to DevSecOps Management Tools

  • Project Management Tools
  • Integrated Development Environment (IDE) Tools
  • Source-code Management Tools
  • Build Tools
  • Continuous Testing Tools

Module 6: Introduction to DevSecOps Code and CI/CD Tools

  • Continuous Integration Tools
  • Infrastructure as Code Tools
  • Configuration Management Tools
  • Continuous Monitoring Tools

Module 7: Introduction to DevSecOps Pipelines

  • Role of DevSecOps in the CI/CD Pipeline
  • DevSecOps Tools
  • Embracing the DevSecOps Lifecycle
  • DevSecOps Ecosystem
  • Key Elements of the DevSecOps Pipeline
  • Integrating Security into the DevOps Pipeline

Module 8: Introduction to DevSecOps CI/CD Testing and Assessments

  • Implementing Security into the CI/CD Pipeline and Security Controls
  • Continuous Security in DevSecOps with Security as Code
  • Continuous Application Testing for CI/CD Pipeline Security
  • Application Assessments and Penetration Testing

Module 9: Implementing DevSecOps Testing & Threat Modeling

  • Integrating Security Threat Modeling in Plan Stage
  • Integrating Secure Coding in Code Stage
  • Integrating SAST, DAST, and IAST in Build and Test Stage
  • Integrating RASP and VAPT in Release and Deploy Stage

Module 10: Implementing DevSecOps Monitoring Feedback

  • Implementing Infrastructure as Code (IaC)
  • Integrating Configuration Orchestration
  • Integrating Security in Operate and Monitor Stage
  • Integrating Compliance as Code (CaC)
  • Integrating Logging, Monitoring, and Alerting
  • Integrating Continuous Feedback Loop

 Back to Course Search

Class Dates & Times

Class times are listed Central time

This is a 2-day class

Price: $1,095.00

Class dates not listed.
Please contact us for available dates and times.