Skip to content

PagelShield

Web- and Cloud Security Training Experts

DevSecOps Workshop

Description

Using the DevSecOps Maturity Model (dsomm.timo-pagel.de), designed by the speaker, different dimensions of security in DevOps are explained.

The content will be supported by hands-on tasks, which will be carried out exclusively using OpenSource tools.

Train efficiently

Content

  • DevOps recap
  • Threats to a build and deployment pipeline
  • Measures to harden a build and deployment pipeline
  • Docker security including patch management
  • Automation of dynamic and static security tests
  • Logging and monitoring in a DevOps world
  • Optional: Continuous License Scanning

The OWASP DevSecOps Maturity Model with the following dimensions serves as orientation

Build and Deployment

Culture

Information Gathering

Infrastructure Hardening

Test and Verification

Target group

Information and IT Security Managers and DevOps Engineers.

Used tools:

  • Docker
  • Distroless
  • OWASP ZAP
  • OWASP Dependency Check
  • Automation
  • Jenkins
  • Arachni
  • nmap
  • Distroless

Methodology

Learning by doing is one of the most important paradigms. More about the training methodology here.

Trainer

Timo Pagel incorporates his knowledge from over 20 years in operations and development into his trainings. As a DevSecOps consultant, he not only advises at the strategic level but also lends a hand.

Arrange a free initial consultation