Certified DevSecOps Tester

Certified DevSecOps Tester course is for a tester who want to develop security testing skills in DevOps. The course explains DevSecOps Testing in the context of digital disruption. You will also learn about how to tackle security issues in a fast-moving DevOps environment, tools/solutions and processes to create a secure by default infrastructure. This course includes various tools that can be used for security automation and the integration scripts and tools. The goal is to remove silo’s, reduce friction and bring in security early into the software development lifecycle. The outcome is to bridge the gap IT, security and the business to bring deliver secure working code, fast and frequently to the end-users.

Target Audience

Certified DevSecOps Tester is designed for:

  • Experienced Tester wanting to learn about DevSecOps Testing hands-on skills.
  • Test Managers needing the skills to plan and lead DevSecOps Testing project.
  • Security testing professionals wanting to accredit their skills for recognition by employers, clients and peers.

Prerequisites

There are no prerequisites for this DevSecOps certification training course, so everyone is able to attend. There is no pre-course reading.

Contents

1. Introduction to DevSecOps
1.1 What is DevSecOps?
1.2 Objectives of DevSecOps Testing
1.3 Key Concepts
1.4 DevSecOps Tester Roles
1.5 Approaches
1.6 Vulnerability Management

2. Characteristics of DevSecOps Testing
2.1 Pre-Commit Hooks in CI
2.2 Secrets Management in CI
2.3 Software Composition Analysis in CD
2.4 Static Analysis Security Testing in CD
2.5 Dynamic Analysis Security Testing in CD
2.6 Infrastructure As Code
2.7 Continous Monitoring

3. Identity and Access Manangement
3.1 Authentication and Authorisation
3.2 Federated Identity
3.3 Open ID, OAuth and SAML
3.4 Single Sign-On
3.5 Active Directory

4. Operational Security
4.1 Security Hygiene
4.2 Key Security Controls
4.3 Data Protection
4.4 Network Security
4.5 Cloud Security
4.6 Data Loss Prevention

5. Logging, Monitoring and Response
5.1 Log Management
5.2 Incident Response
5.3 Forensics
5.4 Security Information and Even Management
5.5 eDiscovery
5.6 Threat Intelligence

Exam Details

Participants need to sit the Certified DevSecOps Tester Exam order to acquire the certification. The exam format is outlined below:

  • 40 questions
  • Multiple choice
  • Closed book
  • Duration : 1 Hour (1 Hour + 15 Minutes for participants whose first language is not English) 

Participants need to achieve 65% in order to pass the examination