Autoplay
Autocomplete
Previous Lecture
Complete and Continue
DevSecOps Leader
Introduction to the course
Introduction to the course
Course outline and Syllabus
Frequently Asked Questions (FAQs)
How to approach this course?
Course Support Channels
Schedule a Kickoff Meeting
Chapter 1: DevSecOps Introduction
Introduction to DevSecOps, Principles and Archetypes (28:17)
Demo: A full enterprise-grade DevSecOps Pipeline (4:58)
Hands-on: Lab Access
Chapter 2: DevSecOps and Strategy
Bad Strategy and Good Strategy (9:43)
Archetype Based Model (21:36)
Designing a DevSecOps Strategy - Wardley Mapping (43:40)
The Scenario for exercises
The interviews with Stakeholders
[Exercise] Wardley Mapping Exercise
[Solution] Wardley Mapping Exercise
Designing a DevSecOps Strategy - Cynefin Framework (14:48)
Cynefin Domain Models (24:46)
[Exercise] Cynefin Exercise
[Solution] Cynefin Exercise
Robustness and Resilience (3:24)
Managing Constraints (10:40)
Where Does Strategy meets Compliance (14:57)
Animal Analogies for Strategy (6:07)
Chapter 3: DevSecOps Activities and culture.
Developing Culture (9:06)
Typology for Culture (2:01)
Security Awareness and Training (2:20)
Security Requirements and Activities (7:27)
Threat Modelling (14:35)
[Exercise] Create a Threat model using RTMP methodology
[Solution] Create a Threat model using RTMP methodology
Bonus content: Session with Kim Wuyts (LINDDUN)
[Exercise] Hands-on: LINDDUN Go Threat modelling
[Solution] Hands-on: LINDDUN Go Threat modelling
DevSecOps Tools and Automation (19:12)
Demo/Hands-on: SCA/SAST/DAST/Compliance as Code
Metrics, Measurements and Narratives (33:10)
[Exercise] Creating Metrics for the organization
[Solution] Creating Metrics for the organization
Chapter 4: DevSecOps in the current Security program
Governance, Risk, and Compliance (GRC) in DevSecOps World (10:29)
The Death of CAB (5:51)
Change Management in a DevOps world (9:24)
Auditing systems the modern way (1:45)
Compliance in CI/CD pipelines (3:14)
Demo/Hands-on: Using Inspec to achieve compliance
Compliance as Code(CaC) Tooling (2:57)
Demo/Hands-on: Integrate Inspec within CI/CD pipeline
Chapter 5: Security Management and Team Topologies
Accelerate and Lessons for Security (5:54)
Re-think Everything (5:16)
Hands-on: Strategy in a security program
Re-think C.I.A with D.I.E (2:01)
Social Practice Theory (12:18)
[Exercise]: Define security activities in organizations
[Solution]: Define security activities in organizations
Security's roles in DevSecOps and Team Topologies (22:08)
[Solution] Create team topologies
Defining Security Work (7:43)
[Exercise] Create epics and related stories
[Solution] Create epics and related stories
Working with other stakeholders in the organization (10:29)
[Exercise] Impact from security program gap thinking
[Solution] Impact from security program gap thinking
Chapter 6: DevSecOps Maturity Model (DSOMM)
To Be Added
Chapter 7: Review and Summary
Common Challenges faced when using DevOps principle
Practical DevSecOps Exam/Certification Process
Exam and Certification Process Lecture (21:33)
Steps to Apply for the Exam
[Activity] Schedule the Exam
Frequently Asked Questions (FAQs)
Lecture content locked
If you're already enrolled,
you'll need to login
.
Enroll in Course to Unlock