This training is designed to give a practical approach of implementing Security across Continuous Delivery Pipelines by leveraging the plethora of cloud offerings and is backed by a ton of hands-on labs, original research and real-world implementations of “DevSecOps that Work”.
The training begins with a detailed view of Continuous Application Security, through Application Security Automation with SAST, SCA and DAST. We will focus on real-world tools and techniques to automate application security tooling in a CI/CD pipeline. Including a deep dive of several popular Test Automation Frameworks like Robot Framework and Selenium that can be leveraged extensively to parameterize application security tests with test automation scripts. Finally, the training concludes with leveraging Security Automation in the Cloud with detailed perspectives of implementing scalable security for cloud-native deployments.
At the end of the training, participants will have immediate takeaways and practical techniques that they can use for their own implementations of DevSecOps, within their organization. The tools and frameworks detailed in the program are largely open-source and freely available, thereby ensuring that participants can actually implement these scalable DevSecOps programs without having to additionally invest in tooling.
Upskill all your teams — Security, Ops, Developers, Cloud — in security automation & pipelines.
Customize scans and CI/CD workflows using easy-to-read scripts and plugins.
Manage your software supply chains & discover insecure components before they become a problem.
Test & deploy Docker containers securely at any scale.
A plethora of Implementation techniques and ideas with hands-on experience to be able to implement a full-fledged Application Security Pipeline
Battle-tested Application Security Automation Techniques + Practical Security Pipelines, with both conventional and unconventional techniques. Picked from real-world implementations and indicative of modern application development and deployment environments. Students will be able to **use** this knowledge and tools as soon as they are done with the class.
Multiple tools, techniques and strategies that will help students ideate and customize pipelines that they can implement in their organizations irrespective of technology, size and culture.
Crafted on Real-world training for product security teams
Hands-on Experience: Engage with real-world scenarios in a controlled, cloud-based lab environment to apply learning directly.
Immediate Application: Implement Threat Modeling tools and techniques instantly, enhancing retention and understanding.
Access to Specialized Tooling: Utilize advanced Threat Modeling software and LLMs without needing to set up or maintain the infrastructure.
Safe Learning Space: Experiment and learn from mistakes in a risk-free sandbox, encouraging exploration and innovation.
Basic understanding of application security principles.
Familiarity with software development and the software development lifecycle (SDLC).
Some experience in security practices and methodologies is beneficial
For the optimal learning experience in this course, participants should use a laptop with Windows 10/11, the latest macOS, or a modern Linux distribution, equipped with an Intel i5 processor or equivalent (i7 recommended), at least 8GB of RAM (16GB preferred), and 20GB of free disk space. A stable, high-speed internet connection is essential for accessing streaming content and cloud-based labs, alongside the latest versions of Google Chrome, Mozilla Firefox, or Safari with JavaScript enabled. Participants must have administrative rights to install necessary software and a modern code editor like Visual Studio Code.
10
help@appsecengineer.com
United States
11166 Fairfax Boulevard, 500, Fairfax, VA 22030
APAC
68 Circular Road, #02-01, 049422, Singapore