DevOps Course

course overview

Click to View dates & book now


The DevSecOps course is designed for:

  • Those involved or interested in learning about DevSecOps strategies and automation
  • Those involved in Continuous Delivery toolchain architectures
  • Compliance Team, Delivery Staff. DevOps Engineers
  • IT Security Professionals, Practitioners, and Managers
  • Maintenance and support staff, Managed Service Providers
  • Project & Product Managers, Quality Assurance Teams, Release Managers, Software Engineers, Testers
  • Scrum Masters, Site Reliability Engineers

Please Note: The DevOps Foundation certification is a prerequisite for DevSecOps Engineering to ensure participants are aligned with the baseline DevOps definitions and principles.

Skills Gained

The learning objectives for DevSecOps are:

  • Understand the DevSecOps concepts and how to apply them to your role.
  • Gain an understanding of how you can do security differently in your organisation, in order to improve flow and reduce risk.
  • Gain a deeper understanding of culture through incentive models, generativity and culture models from Erickson, Westrum and Laloux and how cultural change is key to DevSecOps.
  • Understand the importance of resilience to deal with adversity.
  • Understand and be able to implement security best practices including threat modelling, risk management, basic security hygiene, federation, log management, identity, access management, application security, operational security, governance, compliance, policy-as-code and shifting left.
  • Be able to improve the resiliency of your organisation by using simulations to improve incident response, forensic data collection and utilise threat intelligence and information sharing.
  • Techniques for how to ensure that security, governance, risk management and compliance capabilities are involved earlier in the software development process.
  • Be able to apply experimentation and collect the necessary measures to prove a specific hypothesis, i.e. such as the effective of security controls.


There are no manditory pre-requsites for this course however it's highly recommended that participants sit the DevOps Foundation course prior to ensure participants are aligned with the baseline DevOps definitions and principles.

DevSecOps Engineering Certificate Exam

Once you've completed your training, you can gain a globally recognised certification with the DevSecOps Engineering Exam. An exam voucher is provided after the training course. The exam is online and web-proctored, so you can take it any place, any time. Note: The exam voucher has a 90 Day Validity period.

DevOps Institute has engaged Kryterion Global Testing to host DevOps Institute certification examinations. For more information on sitting the online proctored exams please click here.

The exam details are as follows:

  • 90 minutes
  • 40 multiple choice questions
  • Pass mark of 65% (26 out of 40)
  • Closed book
  • Web-based (single-browser), closed book, no outside assistance, timed

Successfully passing the examination leads to the candidate's designation as a certified DevSecOps Engineer (DSOE). The certification is governed and maintained by the DevOps Institute.

More testimonials for this course


1. Course Introduction
  • Course Goals
  • Course Agenda
  • Exercise: Diagramming Your CI/CD Pipeline
2. Why DevSecOps?
  • Key Terms and Concepts
  • Why DevSecOps is important
  • 3 Ways to Think About DevOps+Security
  • Key Principles of DevSecOps
3. Culture & Management
  • Incentive Model
  • Resilience
  • Organisational Culture
  • Generativity
  • Erickson, Westrum, and LaLoux
  • Exercise: Influencing Culture
4. Strategic Considerations
  • How Much Security is Enough?
  • Threat Modeling
  • Context is Everything
  • Risk Management in a High-velocity World
  • Exercise: Measuring For Success
5. General Security Considerations
  • Avoiding the Checkbox Trap
  • Basic Security Hygiene
  • Architectural Considerations
  • Federated Identity
  • Log Management
6. IAM: Identity & Access Mgmt
  • IAM Basic Concepts
  • Why IAM is Important
  • Implementation Guidance
  • Automation Opportunities
  • How to Hurt Yourself with IAM
  • Exercise: Overcoming IAM Challenges
7. Application Security
  • Application Security Testing (AST)
  • Testing Techniques
  • Prioritising Testing Techniques
  • Issue Management Integration
  • Leveraging Automation
8. Operational Security
  • Basic Security Hygiene Practices
  • Role of Operations Management
  • The Ops Environment
  • Exercise: Adding Security to Your CI/CD Pipeline
9. GRG & Audit
  • What is GRC?
  • Why Care About GRC?
  • Rethinking Policies | Policy as Code
  • Shifting Audit Left
  • 3 Myths of Segregation of Duties vs. DevOps
  • Exercise: Making Policies, Audit and Compliance Work with DevOps
10. Logging, Monitoring & Response
  • Setting Up Log Management
  • Incident Response and Forensics
  • Threat Intelligence and Information Sharing

Talk to an expert

Thinking about Onsite?

If you need training for 3 or more people, you should ask us about onsite training. Putting aside the obvious location benefit, content can be customised to better meet your business objectives and more can be covered than in a public classroom. Its a cost effective option. One on one training can be delivered too, at reasonable rates.

Submit an enquiry from any page on this site, and let us know you are interested in the requirements box, or simply mention it when we contact you.

All $ prices are in USD unless it’s a NZ or AU date

SPVC = Self Paced Virtual Class

LVC = Live Virtual Class

Please Note: All courses are availaible as Live Virtual Classes

Trusted by over 1/2 million students in 15 countries

Our clients have included prestigious national organisations such as Oxford University Press, multi-national private corporations such as JP Morgan and HSBC, as well as public sector institutions such as the Department of Defence and the Department of Health.