Autoplay
Autocomplete
HTML5
Flash
Player
Speed
Previous Lecture
Complete and continue
DevSecOps Leader
Introduction to the course
Introduction to the course
Course outline and Syllabus
Frequently Asked Questions (FAQs)
How to approach this course?
Course Support Channels
Course Manual
Chapter 1: DevSecOps Introduction
Introduction to DevSecOps, Principles and Archetypes (28:17)
Demo: A full enterprise-grade DevSecOps Pipeline (4:58)
Hands-on: Lab Access
Chapter 2: DevSecOps and Strategy
Bad Strategy and Good Strategy (9:43)
Archetype Based Model (21:36)
Designing a DevSecOps Strategy - Wardley Mapping (43:40)
Hands-on: Create your first Wardley map relating to a business process
Designing a DevSecOps Strategy - Cynefin Framework (14:48)
Cynefin Domain Models (24:46)
Robustness and Resilience (3:24)
Managing Constraints (10:40)
Where Does Strategy meets Compliance (14:57)
Animal Analogies for Strategy (6:07)
Chapter 3: DevSecOps Activities and culture.
Developing Culture (9:06)
Typology for Culture (2:01)
Security Awareness and Training (2:20)
Security Requirements and Activities (7:27)
Threat Modelling (14:35)
Hands-on: Create a Threat model using RTMP methodology
Bonus content: Session with Kim Wuyts (LINDDUN)
Hands-on: LINDDUN Go Threat modelling
DevSecOps Tools and Automation (19:12)
Demo/Hands-on: SCA/SAST/DAST/Compliance as Code
Metrics, Measurements and Narratives (33:10)
Chapter 4: DevSecOps in the current Security program
Governance, Risk, and Compliance (GRC) in DevSecOps World (10:29)
The Death of CAB (5:51)
Change Management in a DevOps world (9:24)
Auditing systems the modern way (1:45)
Compliance in CI/CD pipelines (3:14)
Demo/Hands-on: Using Inspec to achieve compliance
Compliance as Code(CaC) Tooling (2:57)
Demo/Hands-on: Integrate Inspec within CI/CD pipeline
Chapter 5: Security Management and Team Topologies
Accelerate and Lessons for Security (5:54)
Re-think Everything (5:16)
Hands-on: Strategy in a security program
Re-think C.I.A with D.I.E (2:01)
Social Practice Theory (12:18)
Hands-On: Define security activities in organizations
Security's roles in DevSecOps and Team Topologies (22:08)
Hands-On: Structure with current infosec teams
Defining Security Work (7:43)
Hands-On: Create epics and related stories
Working with other stakeholders in the organization (10:29)
Hands-On: Impact from security program gap thinking
Chapter 6: DevSecOps Maturity Model (DSOMM)
To Be Added
Chapter 7: Review and Summary
Common Challenges faced when using DevOps principle
Practical DevSecOps Exam/Certification Process
Exam and Certification process
Join the DevSecOps Community
Exercise: Schedule the Exam
Frequently Asked Questions (FAQs)
Lecture content locked
If you're already enrolled,
you'll need to login
.
Enroll in Course to Unlock