DevSecOps Foundation

Jan | Feb | Mar 2022
2 Days
Online Live | Onsite


In this course, students will gain a solid understanding of the leadership requirements for successful DevOps adoption at both the tactical and strategic levels for those who help design, influence, implement and motivate the cultural transformation.
This course prepares you for the DevSecOps Foundation (DSOF) certification.


  • • Understanding organizational culture and organizational change
    • Conway’s Law and its influence on DevOps and systems thinking
    • Strategies for leading cultural transformations
    • Evolving silos into flat, team based organizations
    • Managing conflict
    • Creating feedback loops
    • Creating learning environments
    • Avoiding change fatigue
    • Managing conflict
    • Communication and collaboration strategies
    • Meaningful metrics
    • Resourcing for DevOps
    • Demonstrating DevOps ROI
    • Critical success factors
    • Getting started


This course is intended for:
• Anyone starting or leading a DevOps cultural transformation program
• Anyone interested in modern IT leadership and organizational change approaches
• Business Analysts, Business Stakeholders, Consultants, DevOps tool providers, IT Operations Managers, IT Leadership, Practitioners and change agents, Project Managers, Systems Integrators, Team Leaders, Managers, Directors & Tool Suppliers


DevOps Foundation


  • Course Goals
  • Course Agenda
  • Key Terms and Concepts
  • Why DevSecOps is important
  • 3 Ways to Think About DevOps+Security
  • Key Principles of DevSecOps
  • Key Terms and Concepts
  • Incentive Model
  • Resilience
  • Organizational Culture
  • Generativity
  • Erickson, Westrum, and LaLoux
  • Exercise: Influencing Culture
  • Key Terms and Concepts
  • How Much Security is Enough?
  • Threat Modeling
  • Context is Everything
  • Risk Management in a High-velocity World
  • Exercise: Measuring For Success
  • Avoiding the Checkbox Trap
  • Basic Security Hygiene
  • Architectural Considerations
  • Federated Identity
  • Log Management
  • Key Terms and Concepts
  • IAM Basic Concepts
  • Why IAM is Important
  • Implementation Guidance
  • Automation Opportunities
  • How to Hurt Yourself with IAM
  • Exercise: Overcoming IAM Challenges
  • Application Security Testing (AST)
  • Testing Techniques
  • Prioritizing Testing Techniques
  • Issue Management Integration
  • Threat Modeling
  • Leveraging Automation
  • Key Terms and Concepts
  • Basic Security Hygiene Practices
  • Role of Operations Management
  • The Ops Environment
  • Exercise: Adding Security to Your CI/CD Pipeline
  • Key Terms and Concepts
  • What is GRC?
  • Why Care About GRC?
  • Rethinking Policies
  • Policy as Code
  • Shifting Audit Left
  • 3 Myths of Segregation of Duties vs. DevOps
  • Exercise: Making Policies, Audit and Compliance
  • Key Terms and Concepts
  • Setting Up Log Management
  • Incident Response and Forensics
  • Threat Intelligence and Information Sharing
  • Where We Started
  • What We Covered
  • Key Reminders of What’s Important
  • Exercise: Creating a Personal Action Plan
  • Exam Requirements & Question Weighting
  • Sample Exam Review


Mark Steele

Mark is certified trainer with 20+ years of experience in gulf and London. He has trained batches, corporates, individuals and companies from all over the world.

Enroll Now

Fill out this field
Please enter a valid email address.
Fill out this field
Fill out this field

More courses you might like

Learners who joined this course have also enjoyed these courses.

No results found.