757-216-3656 | Monday–Friday 8:30 AM – 4:30 PM | info@itdojo.com
|
www.itdojo.com
757-216-3656
info@itdojo.com
DevSecOps Foundation
Duration: 2 Days  |  Instructor-Led · Live Remote Online or On-Site
DevOps Training

DevSecOps Foundation

Course Duration

2 Days

Audience

Employees of federal, state and local governments; and businesses working with the government.

Prerequisites

There are no formal prerequisites for this course. Familiarity with DevOps concepts and basic IT service management principles is beneficial.

Course Description

In this course, students will gain a solid understanding of the leadership requirements for successful DevOps adoption at both the tactical and strategic levels for those who help design, influence, implement and motivate the cultural transformation. This course prepares you for the DevSecOps Foundation (DSOF) certification.

Learning Objectives

  • Understanding organizational culture and organizational change
  • Conway’s Law and its influence on DevOps and systems thinking
  • Strategies for leading cultural transformations
  • Evolving silos into flat, team based organizations
  • Managing conflict
  • Creating feedback loops
  • Creating learning environments
  • Avoiding change fatigue
  • Communication and collaboration strategies
  • Meaningful metrics
  • Resourcing for DevOps
  • Demonstrating DevOps ROI
  • Critical success factors
  • Getting started

Course Outline

Course Topics
  • Course Goals
  • Course Agenda
  • Key Terms and Concepts
  • Why DevSecOps is important
  • 3 Ways to Think About DevOps+Security
  • Key Principles of DevSecOps
  • Key Terms and Concepts
  • Incentive Model
  • Resilience
  • Organizational Culture
  • Generativity
  • Erickson, Westrum, and LaLoux
  • Exercise: Influencing Culture
  • Key Terms and Concepts
  • How Much Security is Enough?
  • Threat Modeling
  • Context is Everything
  • Risk Management in a High-velocity World
  • Exercise: Measuring For Success
  • Avoiding the Checkbox Trap
  • Basic Security Hygiene
  • Architectural Considerations
  • Federated Identity
  • Log Management
  • Key Terms and Concepts
  • IAM Basic Concepts
  • Why IAM is Important
  • Implementation Guidance
  • Automation Opportunities
  • How to Hurt Yourself with IAM
  • Exercise: Overcoming IAM Challenges
  • Application Security Testing (AST)
  • Testing Techniques
  • Prioritizing Testing Techniques
  • Issue Management Integration
  • Threat Modeling
  • Leveraging Automation
  • Key Terms and Concepts
  • Basic Security Hygiene Practices
  • Role of Operations Management
  • The Ops Environment
  • Exercise: Adding Security to Your CI/CD Pipeline
  • Key Terms and Concepts
  • What is GRC?
  • Why Care About GRC?
  • Rethinking Policies
  • Policy as Code
  • Shifting Audit Left
  • 3 Myths of Segregation of Duties vs. DevOps
  • Exercise: Making Policies, Audit and Compliance
  • Key Terms and Concepts
  • Setting Up Log Management
  • Incident Response and Forensics
  • Threat Intelligence and Information Sharing
  • Where We Started
  • What We Covered
  • Key Reminders of What’s Important
  • Exercise: Creating a Personal Action Plan
  • Exam Requirements, Question Weighting and
  • Sample Exam Review

Frequently Asked Questions

What does the DevSecOps Foundation course cover?

This course covers DevSecOps Foundation training and best practices. IT Dojo delivers it as live instructor-led training with an emphasis on practical skills for government and DoD professionals.

How long is IT Dojo's DevSecOps Foundation training?

IT Dojo's DevSecOps Foundation training is 2 Days. It is available as live remote online instruction or on-site at your facility. All sessions are instructor-led with small class sizes to ensure individual attention.

Is this course available as live remote online training?

Yes. IT Dojo offers DevSecOps Foundation as live remote online training. A certified instructor leads the session in real time. Students interact via chat or microphone. Classes are kept small (typically no more than 16 students) to ensure engagement. On-site delivery at your government facility or contractor location is also available.

What prerequisites are recommended before this course?

There are no formal prerequisites for this course. Familiarity with DevOps concepts and basic IT service management principles is beneficial.

Does IT Dojo offer this training on-site at government or DoD facilities?

Yes. IT Dojo delivers DevSecOps Foundation on-site at government agencies, DoD commands, military installations, and contractor facilities. On-site training is ideal for teams of four or more and can be customized to your organization's specific environment and mission requirements. Contact IT Dojo to schedule.

How do I register for this course?

IT Dojo training is employer sponsored. Your organization registers and pays for seats. To schedule DevSecOps Foundation for your team, contact IT Dojo via the Request Training form or call 757-216-3656. IT Dojo will work with your contracting officer, training coordinator, or program office to set up the course.

Request Info & Pricing

Get details on scheduling, pricing, and delivery options for this course.

757-216-3656

Why no pricing?

Course pricing varies based on timing, availability, and class size. When you request a quote, we give you a current, accurate number rather than a posted rate that may be months out of date.

Upcoming Course Dates

Classes are forming now, contact us about upcoming dates and scheduling!

Can't find what you're looking for?

Let us know! Chances are we have access to the training that you need.

Have questions or need more information?

Contact us today at:

757-216-3656 info@itdojo.com
About Our Instructors

All IT Dojo courses are taught by certified, active industry practitioners.

Meet Our Instructors

For scheduling, pricing, and enrollment information, please contact IT Dojo:

Phone: 757-216-3656    Email: info@itdojo.com    Web: www.itdojo.com

IT Dojo, Inc. • 4176 South Plaza Trail, Suite 207 • Virginia Beach, VA 23452

Employer-sponsored training only. Serving Federal Government, DoD, and Corporate clients since 2003.

You May Also Be Interested In

Get More Information

We work with Government Agencies, Military, government contractors, and corporate clients. As much as we would love to, our business model does not include working with the general public.