EC-Council DevSecOps Essentials (DSE)
The DevSecOps Essentials program will provide you with the foundation knowledge and essential aspects of secure application development, or DevSecOps. In this course, you will gather key insights into identifying application development risk and securing and testing applications within on-premises, cloud providers, and hybrid infrastructures. Put your newly acquired abilities to the test in an exhilarating Capstone project to develop the hands-on proficiencies essential for success in your cyber professional role. After completing this program, you will be prepared to move toward a career in secure application development.
- Learn the fundamentals of application development.
- Gain knowledge of application security.
- Understand DevOps and DevSecOps.
- Explore the DevSecOps toolchain.
- Gain insights into DevSecOps and CI/CD pipelines.
- Learn about implementing and using tools for DevSecOps in CI/CD pipelines.
- School students, graduates, professionals, career starters and changers, IT / Technology / Cybersecurity teams with little or no work experience.
- Anyone who wants to start a career in cybersecurity, application security, and development and is interested in cloud technology.
- Any professional involved in developing, testing, and deploying applications to production environments, including on-premises, public cloud, and hybrid environments.
- This program is also beneficial for application developers, risk managers, project managers, application administrators, administrators, engineers, and architects.
Participants are not required to have prior cybersecurity knowledge or IT work experience to enroll. However, a foundational understanding of DevOps principles, cloud computing, automation tools, and general security practices is recommended to ensure a smoother and more effective learning experience.
- History of Application Development
- Evolution of Application Development Methodologies
- Introduction to Application Architectures
- Introduction to the Application Development Lifecycle
- Application Testing and Quality Assurance
- Application Monitoring, Maintenance, and Support
- What is Secure Application Development
- Need for Application Security
- Common Application Security Risks and Threats
- OWASP Top 10
- Application Security Techniques
- Secure Design Principles
- Threat Modeling
- Secure Coding
- Secure Code Review
- SAST and DAST Testing
- Secure Configurations
- Educating Developers
- Role of Risk Management in Secure Development
- Project Management Role in Secure Application Development
- Introduction to DevOps
- DevOps Principles
- DevOps Pipelines
- DevOps and Project Management
- Understanding DevSecOps
- DevOps vs. DevSecOps
- DevSecOps Principles
- DevSecOps Culture
- Project Management Tools
- Integrated Development Environment (IDE) Tools
- Source-code Management Tools
- Build Tools
- Continuous Testing Tools
- Continuous Integration Tools
- Infrastructure as Code Tools
- Configuration Management Tools
- Continuous Monitoring Tools
- Role of DevSecOps in the CI/CD Pipeline
- DevSecOps Tools
- Embracing the DevSecOps Lifecycle
- DevSecOps Ecosystem
- Key Elements of the DevSecOps Pipeline
- Integrating Security into the DevOps Pipeline
- Implementing Security into the CI/CD Pipeline and Security Controls
- Continuous Security in DevSecOps with Security as Code
- Continuous Application Testing for CI/CD Pipeline Security
- Application Assessments and Penetration Testing
- Integrating Security Threat Modeling in Plan Stage
- Integrating Secure Coding in Code Stage
- Integrating SAST, DAST, and IAST in Build and Test Stage
- Integrating RASP and VAPT in Release and Deploy Stage
- Implementing Infrastructure as Code (IaC)
- Integrating Configuration Orchestration
- Integrating Security in Operate and Monitor Stage
- Integrating Compliance as Code (CaC)
- Integrating Logging, Monitoring, and Alerting
- Integrating Continuous Feedback Loop