EC-Council Certified DevSecOps Engineer (ECDE v2)
Skip to Scheduled Dates
Course Overview
EC-Council Certified DevSecOps Engineer (ECDE) is a hands-on, instructor-led comprehensive DevSecOps certification program which helps professionals to build essential knowledge and abilities in designing, developing, maintaining a secure applications and infrastructure.
This course is blended with both theoretical knowledge as well as the practical implementation of DevSecOps in your on-prem and cloud-native (AWS and Azure) environment. It will also cover integration and automation of all the major and widely used tools, processes, and methodologies of DevSecOps that help organizations to build secure applications rapidly in a DevOps environment.
Who Should Attend
- DevSecOps Engineer/Senior DevSecOps Engineer
- Cloud DevSecOps Engineer
- Azure DevSecOps Engineer
- AWS DevSecOps Engineer
- DevSecOps Analyst
- DevSecOps Specialist
- DevSecOps Operations Engineer
- DevSecOps Systems Administrator
- DevSecOps System Engineer
- DevSecOps Consultant
- DevSecOps Systems Engineer
- DevSecOps CI/CD Engineer
- Infrastructure DevSecOps Engineer
Course Objectives
- The information provided in the E|CDE course is complemented with practical implementation of labs that allows you to easily get DevSecOps Engineer job in any part of the world.
- Whether your organization workloads or applications deployed in on-premises or cloud-native environment (AWS or Azure), this course will teach you how to use various DevSecOps tools and secure the application code throughout the software development lifecycle.
- The DevSecOps security tools that help in secure development of software products or web applications are subtly segregated into On-premises and Cloud-native environment.
- The E|CDE course not only focuses on Application DevSecOps, but it also provides insights into infrastructure DevSecOps.
- The integration of all the popular and important tools are illustrated in respective stages of DevOps lifecycle.
- The E|CDE program helps DevSecOps Engineer to develop and enhance their knowledge and skills in securing the application in all the stages of DevOps.
- This makes the certification stand apart from all other DevSecOps certification programs available in the market.
Course Outline
Module 01 Understanding DevOps Culture
- Understand the Evolution of the Software Development Life Cycle
- Understand what DevOps is
- Learn to Implement DevOps in an On-Premises Environment
- Learn to Implement DevOps in an AWS Cloud Native Environment
- Learn to Implement DevOps in an Azure Cloud Native Environment
- Learn to Implement DevOps in a Google Cloud Native Environment
- Understand the Frameworks and Maturity Model in DevOps
- Evaluate Security Silos in DevOps
Module 02 Introduction to DevSecOps
- Addressing DevOps Process Security Bottlenecks and Challenges
- Understand DevSecOps
- Understand DevSecOps Culture
- Understand Continuous Security in DevSecOps
- Understand the DevSecOps Pipeline
- Understand DevSecOps Strategy
- Understand DevSecOps Tools
- Leveraging Artificial Intelligence (AI) in DevSecOps
Module 03 DevSecOps Pipeline-Plan Stage
- Understand Continuous Threat Modeling in the DevSecOps Pipeline
- Learn to Integrate Threat Modeling Tools
- Learn to Gather Security Requirements from Business Functionality
- Address Technical Security Debts
- Learn to Run Pre-Commit Checks in the Plan Stage
- Understand Secure Code Training and Awareness
- Understand Security Tools Training
Module 04 DevSecOps Pipeline-Code Stage
- Learn to Integrate Security Plugins in IDEs
- Learn to Configure and Manage Code Scanning for GitHub Repository
- Learn to Integrate and Scan Source Code Repository
- Learn to Integrate Secret Management Tools
- Learn to Integrate Software Composition Analysis (SCA) Tools
Module 05 DevSecOps Pipeline-Build and Test Stage
- Learn to Integrate SAST Tool
- Learn to Integrate SAST Tool with AWS Cloud
- Learn to Integrate SAST Tool with Microsoft Azure
- Learn to Integrate SAST Tool with Google Cloud
- Conducting Manual Secure Code Review
- Learn to Integrate DAST Tool
- Learn to Integrate DAST Tool with AWS
- Learn to Integrate DAST Tool with Microsoft Azure
- Learn to Integrate DAST Tool with Google Cloud
- Learn to Integrate IAST Tool
- Understand Security Testing Framework
Module 06 DevSecOps Pipeline-Release and Deploy Stage
- Learn to Integrate RASP Tool
- Learn to Conduct Penetration Testing
- Learn to Integrate Vulnerability Scanning Tool
- Understand Bug Bounty Program
- Learn to Integrate Threat Detection Tools
- Understand Infrastructure Deployment using Infrastructure as Code (IaC)
- Learn Infrastructure Provisioning as Code (IaC) using Terraform
- Learn Infrastructure Provisioning as Code (IaC) using Pulumi
- Learn to Integrate AWS CloudFormation
- Learn to Integrate Configuration Orchestration Tools: Ansible
- Learn to Integrate Configuration Orchestration Tools: Chef
- Learn to Integrate Configuration Orchestration Tools: Puppet
- Learn to Integrate Configuration Orchestration Tools: Azure Resource Management
- Learn to Integrate Binary Authorization to Secure GCP Deployment
Module 07 DevSecOps Pipeline-Operate and Monitor Stage
- Understand Security Activities in the Operate and Monitor Stage
- Learn to Scan Infrastructure as Code (IaC) for Vulnerabilities
- Learn to Scan Infrastructure for Vulnerabilities
- Learn to Secure Containers
- Learn to Integrate Container Vulnerability Scanning Tools
- Learn to Secure Jenkins
- Learn to Integrate Compliance as Code (CaC) Tools
- Learn to Integrate Logging, Monitoring, and Alerting Tools
- Understand Monitoring Features in AWS
- Understand Monitoring Features in Azure
- Understand Monitoring Features in Google Cloud
- Learn to Integrate WAF
- Learn to Integrate Patch Management
- Learn to Integrate Continuous Feedback
- Understand Incident Reponse in DevSecOps
- Understand High Availability, Fault Tolerance, and Disaster Recovery in DevSecOps
< Back to Course Search
Class times are listed Central time
This is a 3-day class
Class dates not listed.
Please contact us for available dates and times.