Project Management
DevSecOps for Managers & Leaders
DevOps is the combination of cultural philosophies, practices, and tools that increases an organization’s ability to delivery applications and services at high velocity. Under a DevOps model, a development and operations teams are no longer “siloed”. Quality assurance team also becomes more tightly integrated with development and operations and throughout the application lifecycle.
The shift to DevSecOps has become essential as organizations prioritize secure software delivery without sacrificing speed. Integrating security practices into the DevOps workflow is critical to reducing vulnerabilities early in the development lifecycle, ensuring compliance, and managing risk proactively.
This course provides managers, project leads, analysts, and others involved in enterprise software development projects with a comprehensive understanding of the principles and practices of modern DevSecOps product development, deployment and maintenance.
Duration
3 days
AUDIENCE
- Leaders who are or will be designing and leading a DevOps practice in their team, department, or organization
- Staff who are or will be participating in DevOps projects and are looking for a comprehensive, end-to-end understanding of the processes they will be supporting
- This course is not intended for individuals looking for hands-on or specific technical training; other courses are available to meet specific technical needs
Prerequisites
One year or more of enterprise IT experience with software and systems.
• What is DevOps?
• Why DevOps Matters for the Enterprise
• Cultural Shifts in DevOps
• DevOps and Leadership
• The DevOps Lifecycle
• From Development to Operations: Understanding the Flow
• Building a DevOps Strategy
• Measuring the ROI of DevOps
• Data-Driven Decision Making in DevOps
• Future Trends in DevOps
• Introduction to DevSecOps
• Static Application Security Testing (SAST)
• Coding for Security
• Dynamic Application Security Testing (DAST)
• Vulnerability Scanning and Software Composition Analysis (SCA)
• Security Policy and Compliance
• Interactive Application Security Testing (IAST)
• Security Orchestration and Automation
• Threat Modeling and Continuous Improvement
• Implementing SAST in a CI/CD Pipeline
• Refactoring Code for Security
• Integrating ZAP into CI/CD Pipelines
• Analyzing Open-Source Dependencies
• Compliance Automation
• Running and Interpreting IAST Results
• Building an Automated Security Pipeline
• Threat Modeling
Is there a discount available for current students?
UMBC students and alumni, as well as students who have previously taken a public training course with UMBC Training Centers are eligible for a 10% discount, capped at $250. Please provide a copy of your UMBC student ID or an unofficial transcript or the name of the UMBC Training Centers course you have completed. Asynchronous courses are excluded from this offer.
What is the cancellation and refund policy?
Student will receive a refund of paid registration fees only if UMBC Training Centers receives a notice of cancellation at least 10 business days prior to the class start date for classes or the exam date for exams.