PC4. Practical Dev(Sec)Ops
Tuesday, May 8, 2018
8:00 AM - 4:00 PM
This course provides a pragmatic foundation for understanding the DevOps movement, how security fits with it, and how to make the jump to DevSecOps, integrating security programs into a DevOps initiative, as well as learning how to apply DevOps principles and practices to security programs.
Lesson 1: A Brief DevOps Primer
A general introduction to the DevOps movement, how it started, what it means, why it's important, related initiatives, and key attributes.
Lesson 2: Applied DevOps
A detailed look at DevOps in action, with an emphasis on the practical and pragmatic. Discussion of how DevOps initiatives can be started, what sort of planning and strategic elements should be considered, and key security challenges.
Lesson 3: Applied DevSecOps
Discussion will pivot to addressing security challenges within a DevOps program, including how to best leverage DevOps to improve the security program itself. A wide range of topics will be covered, including application security and secure coding, audit and compliance, vulnerability and patch management, security as code, data analytics and reporting, and unique challenges and opportunities pertaining to logging, monitoring, detection, and response.