DevSecOps Foundation (DSOF)?

4.6 out of 5 rating

Jump to dates


2 Days

12 CPD hours

This course is intended for

The target audience for the DevSecOps Foundation course are professionals including:
Anyone involved or interested in learning about DevSecOps strategies and automation
Anyone involved in Continuous Delivery toolchain architectures
Compliance Team
Business managers
Delivery Staff
DevOps Engineers
IT Managers
IT Security Professionals, Practitioners, and Managers
Maintenance and support staff
Managed Service Providers
Project & Product Managers
Quality Assurance Teams
Release Managers
Scrum Masters
Site Reliability Engineers
Software Engineers


You will learn:
The purpose, benefits, concepts, and vocabulary of DevSecOps
How DevOps security practices differ from other security approaches
Business-driven security strategies and Best Practices
Understanding and applying data and security sciences
Integrating corporate stakeholders into DevSecOps Practices
Enhancing communication between Dev, Sec, and Ops teams
How DevSecOps roles fit with a DevOps culture and organization


In this course, students will gain a solid understanding of how DevSecOps provides business value, enhancing your business opportunities, and improving corporate value. The core DevSecOps principles taught can support an organizational transformation, increase productivity, reduce risk, and optimize resource usage. This course explains how DevOps security practices differ from other approaches then delivers the education needed to apply changes to your organization. Participants learn the purpose, benefits, concepts, vocabulary and applications of DevSecOps. Most importantly, students learn how DevSecOps roles fit with a DevOps culture and organization. At the course?s end, participants will understand ?security as code? to make security and compliance value consumable as a service. This course prepares you for the DevSecOps Foundation (DSOF) certification.

Realizing DevSecOps Outcomes
  • Origins of DevOps
  • Evolution of DevSecOps
  • The Three Ways
Defining the Cyberthreat Landscape
  • What is the Cyber Threat Landscape?
  • What is the threat?
  • What do we protect from?
  • What do we protect, and why?
  • How do I talk to security?
Building a Responsive DevSecOps Model
  • Demonstrate Model
  • Technical, business and human outcomes
  • What?s being measured?
  • Gating and thresholding
Integrating DevSecOps Stakeholders
  • The DevSecOps State of Mind
  • The DevSecOps Stakeholders
  • What?s at stake for who?
  • Participating in the DevSecOps model
Establishing DevSecOps Best Practices
  • Start where you are
  • Integrating people, process and technology and governance
  • DevSecOps operating model
  • Communication practices and boundaries
  • Focusing on outcomes
Best Practices to get Started
  • The Three Ways
  • Identifying target states
  • Value stream-centric thinking
DevOps Pipelines and Continuous Compliance
  • The goal of a DevOps pipeline
  • Why continuous compliance is important
  • Archetypes and reference architectures
  • Coordinating DevOps Pipeline construction
  • DevSecOps tool categories, types and examples
Learning Using Outcomes
  • Security Training Options
  • Training as Policy
  • Experiential Learning
  • Cross-Skilling
  • The DevSecOps Collective Body of Knowledge
  • Preparing for the DevSecOps Foundation certification exam
Training Insurance Included!

When you organise training, we understand that there is a risk that some people may fall ill, become unavailable. To mitigate the risk we include training insurance for each delegate enrolled on our public schedule, they are welcome to sit on the same Public class within 6 months at no charge, if the case arises.

What people say about us

Global Schedule

GTR = Guarenteed to Run

25 Apr 24 Enquire Book
14:00 - 22:00Live Online GTR1,495

Find out more about this course

Interested in alternative dates? Would like to book a private session of this course for your company? Or for any other queries please simply fill out the form below.