What you'll learn
- Application security and DevSecOps terminology.
- What is DevOps vs DevSecOps.
- Gain a solid Understanding of application security and DevSeOps Practices.
- Learn about continuous Integration and delivery and its role in DevSecOps.
- What is the OWASP Top 10 and how to defend against those vulnerabilities.
- Use of threat modeling to identify threats and mitigation in development features.
- Perform a threat model on an application.
- Perform a vulnerability scan of an application.
- Rating security vulnerabilities using standard and open processes.
- Correct common security vulnerabilities in code.
- Building security in to the software development life cycle.
- Linux/Unix For DevOps and Developers.
- Learn Cloud Services - AWS (Amazon Web Services).
- Learn Continuous Integration And Continuous Delivery CI/CD - Jenkins.
- Learn Containerization Technology - Docker.
- Learn IAC (Infrastructure As Code) - AWS Cloud Formation.
- Learn IAC (Infrastructure As Code) - Terraform.
- Learn Continuous Monitoring - AWS CloudWatch.
- Threat hunting.
- Data analysis to combat cyber attacks.
- Digital forensics.
- Securing your network to protect critical data.
- Business impact analysis and risk mitigation.
- Vulnerability management with networks, IoT, mobile, cloud, and more.
- Identity and access management (IAM).
Requirements
- Eager to learn and patience.
- Basic IT Knowledge.
- Basic programming knowledge helps but is not required.
- An understanding of IT systems and how software is deployed in operational environments would help but is not required.
Why upskill into application security and DevSecOps?
1. Application layer vulnerabilities are everywhere - It is the application where most weaknesses will be found. Application security and devsecops is what helps to reduce these security bugs and solve a huge security threat to businesses, These skills are, therefore, in-demand and much-needed.
2. A well respected and well-paid opportunity - Application security and DevSecOps is a well-paid area of specialisation within cybersecurity to choose to focus on
3. A shortage of people with application security and DevSecOps skills - GitHub's Nico Waisman stated that by GitHub's reckoning, developers now outnumber security professionals 500 to one. So there are 500 more developers for every one person who can help organisations with getting security into that process.
4. A missed opportunity - Application security is already a mainstream skill and heavily in demand. But DevSecOps is a rising star. Gartner indicates that DevSecOps is in the early stages of mainstream adoption. Gartner quotes a 20-50% market penetration among DevSecOps' target audience and places it within Gartner's "Slope of Enlightenment". Gartner projects that DevSecOps will reach mainstream adoption within 1-4 years. So that means DevSecOps is currently being used by lots of forward-thinking companies like Amazon, HP, Netflix and so on, and that most other organisations will be adopting it in 1-4 years. With this training, you can get ahead of the game in your security skills.
You will be able to take on jobs with titles such as a
- Certified Cyber security Analyst,
- Application Security Analyst,
- DevSecOps expert.
Description
DevOps is a set of practices that combines software development and IT operations. It aims to shorten the systems development life cycle and provide continuous delivery with high software quality.
DevSecOps is a culture shift in the software industry that aims to bake security into the rapid-release cycles that are typical of modern application development and deployment.
Application security will familiarize you with the common
vulnerabilities that plague developed code as outlined in publications
like the
OWASP Top 10 and SANS Top 25.
You will understand what type of development behaviors lead to vulnerabilities and how to avoid those behaviors when creating secure
code. You will learn how to perform a threat model on development
features to understand the threats, where they come from and how to
mitigate them. You will also review and operate analysis tools that are
available to developers, allowing you to correct them early in the
development life cycle. Finally you will understand how application
security fits in an overall cyber security program.
Organizations need DevSecOps engineers so badly, because now as never before they are pressed to build high-quality, secure applications as fast as possible to keep up with the competition and create innovative solutions to address business challenges in a quick and continuous manner.
It is paramount that you have a clear understanding of the terminologies used in the DevSecOps world. Various jargon used in the DevSecOps World can be daunting . You will hear about "Continuous Integration", "Build Automation", and "Orchestration" from the Developers. You may be part of the Scrum calls and you will hear engineers talking about issues reported in tools like Jenkins, Ansible, and Chef.
This course bundle starts with an introduction to the DevOps essentials everyone should know. By the end you will have a working knowledge of usage of DevSecOps in the IT World. We will cover the various practices and tools associated with DevSecOps. You would also know about the relationship between DevSecOps and Cloud (AWS and Azure).
The CompTIA CySA+ Certification (CS0-002) course is aimed at the aspirational cybersecurity analyst looking to step up in their career. However, if your tech skills don't include cybersecurity, you can also gain a great deal of knowledge from this course to help launch yourself towards a career in cybersecurity. This course covers everything you need to know to respond to cybersecurity threats and attacks. If you're looking to get certified, this course will also help prepare you for the CompTIA CySA+ Certification (CS0-002) exam. The first goal of the course is to make you an outstanding cybersecurity analyst and, in the process, make sure you are ready to pass the CompTIA exam. A number of practice tests are included to help you practice for the real certification test.
Who this course is for:
- Anyone aspiring to work in cyber security
- Anyone who is passionate about learning new trends in technology
- Anyone new to the world of Devops, DevSecOps and Cloud
- Anyone interested in developing application security, DevOps and DevSecOps skills
- DevOps Engineers
- DevSecOps Engineers
- Cyber Security professionals
- Developers
- Software Engineers
- System Administrators
- Cloud Architect
- Security practitioners
- Software developers interested in developing more secure software.
- Anyone who is interested in a Cybersecurity position or looking to improve their security skills.
- This training will prepare you to pass the CompTIA CySA+ Certification Exam. It goes beyond certification and gives you the skills you need to be a better cybersecurity analyst.
