DevSecOps Foundation (DSOF)℠ eLearning - $609 (with exam)

Learning Objectives

Module zero introduces you to the course’s main features, learning plan, aims and objectives, and structure. It also addresses some of the most frequently asked questions about DevSecOps.

This module also provides students with a toolkit:

Table of contents
DevOps Foundation reference sheet
DevSecOps reference sheet
Skills self-audit form
Glossary
Build your own glossary
Further resources
Diagram pack

Lastly, students will be given a complete exam information guide and a list of further literature that will be useful throughout the course.

Learning Objectives

In module one, we take a look at the background and evolution of DevSecOps. We also cover CALMS and the Three Ways.

We also dive into issues and constraints associated with security and explore what is meant by the term ‘safety culture’.

Learning Objectives

In module two, we move on to consider the concepts of threat modeling, supply chain hygiene, and continuous compliance.

We also look at common risks and vulnerabilities DevSecOps engineers have to deal with.

Learning Objectives

In this module, we explore what a ‘good’ culture looks like and how we can both understand cultural differences and close any cultural gaps within organizations.

We also examine the types of stakeholders involved in DevSecOps cultures, as well as the different metrics that are important to them, before concluding with a review of governance, flow, and control.

Learning Objectives

In this module, we explore how you can set up DevSecOps practices.

We also cover the topics of continuous security, onboarding and resistance, the CI/CD pipeline, and both Cloud and Container security.

Learning Objectives

This module includes a short memory game designed to test how many key terms and definitions you can recall from modules 1-4.

Learning Objectives

In module six, we address the best practices for flow, feedback, and learning.

Learning Objectives

Here, we dive into the DevOps pipeline, including the planning and construction activities associated with it.

We also explore the goals and the perils of the pipeline as well as continuous integration and delivery practices before considering how engineers can secure a pipeline.

Learning Objectives

In module eight, we move on to explore what we mean by the term ‘responsive’ and why it is important when operating in cyber threat landscapes.

We also analyze KPIs, measuring, and reporting before addressing how to implement a secure pipeline.

Learning Objectives

Module 9 addresses the importance of continual learning and touches on principles like training as policy, learning communities, and the value of retrospective and innovative learning.

Learning Objectives

This module includes a short memory game designed to test how many key terms and their definitions you can recall from modules 6-9.

Learning Objectives

This module concludes the course.

Learning Objectives

The course comes with two practice exams to help students prepare for the official DevSecOps Foundation (DSOF) certification exam. The first one was developed by the DevOps Institute, while the second has been tailored by our team of experts at Good e-Learning.

Students are advised to become familiar with the testing environment before booking the official exam.

When you feel you are ready to sit the exam, simply contact Good e-Learning to request your FREE exam voucher.

DevSecOps is a relatively recent development in the world of DevOps. It adds security to DevOps' focus on development and operations by making sure security considerations are addressed (and, where possible, automated) throughout all key processes.

DevSecOps v2.0 is the latest version from the DevOps Institute. Its insight and best practices have been updated, and it also has a greater emphasis on exploring and understanding the current ‘cyber threat landscape’.

DevOps helps organizations to greatly streamline development and operations processes. However, traditional security measures struggle to keep up with this speed, which can leave DevOps users and their products vulnerable. DevSecOps solves this problem by speeding up security while also making it more of a priority.

DevSecOps works by integrating security processes with DevOps practices. It establishes ongoing 'security as code' cultures (meaning that security checks, tests, and gates are added to processes that involve code and infrastructure).

It also encourages collaboration, communication, and shared responsibility for security.

DevSecOps engineers are tasked with overseeing the implementation and management of DevSecOps. They choose appropriate tools and programs for security and automation while also making sure that all team members are up to date on how to optimize security

Applying traditional security measures to DevOps creates a bottleneck, greatly slowing down key processes and delaying release dates. DevSecOps removes the bottleneck by making security a priority throughout.

Not only does it leave DevOps products safer, but it also ensures this without causing major delays.

The DevSecOps Foundation (DSOF) exam is a closed book examination consisting of 40 multiple-choice questions. The exam lasts 60 minutes (with 25 additional minutes for students who do not speak English as a native language). The pass mark for the exam is 65%.

DevSecOps does not have a strictly defined certification path. However, it is best to study the methodology with an accredited training provider.

According to Neuvoo, DevSecOps certified practitioners can earn between $70,000 and $205,000. According to TotalJobs, DevSecOps users in the UK can earn between £30,000 and over £150,000. Salaries also depend on each candidate's role, location, and experience.

DevSecOps can be used with a number of other frameworks, such as ITIL 4, PMP, and PRINCE2.