DevOps Foundations: DevSecOps
55mBeginner2025-08-13
Authors
Tim Chase
Director of Application Security and Architecture at Nielsen
Course details
Security is a major concern in the DevOps world. There is a constant push for companies to move more quickly at scale, but security teams often struggle to keep up with testing. This course introduces you to the concept of DevSecOps and explains how an organization can build out a DevSecOps program that helps teams integrate security into the application development pipeline. Learn about the role of APIs, containers, security as code, and automation, and how a continuous integration and delivery framework can help your organization run security tests as often as developers want. Instructor Tim Chase also introduces some free tools and resources to help you get started on your DevSecOps journey.
Learning objectives
Define the core principles and components of DevSecOps integration within the traditional DevOps pipeline.
Analyze how security automation and testing can be effectively implemented throughout the continuous integration and delivery (CI/CD) process.
Evaluate the role of security as code and infrastructure as code (IaC) in maintaining consistent security standards.
Apply API security testing methodologies within a DevSecOps framework.
Demonstrate how to integrate automated security testing tools into the development lifecycle using available open-source resources.
Learning objectives
Define the core principles and components of DevSecOps integration within the traditional DevOps pipeline.
Analyze how security automation and testing can be effectively implemented throughout the continuous integration and delivery (CI/CD) process.
Evaluate the role of security as code and infrastructure as code (IaC) in maintaining consistent security standards.
Apply API security testing methodologies within a DevSecOps framework.
Demonstrate how to integrate automated security testing tools into the development lifecycle using available open-source resources.
Skills covered
Software Development SecurityDevOps FoundationsDevOpsFoundationsCybersecurity
Concepts
0. Introduction
- 01 - Introduction to DevSecOps
- 02 - What you should know
1. DevOps Basics
- 03 - What is DevOps
- 04 - Security is different in a DevOps world
- 05 - Introduction to DevSecOps
- 06 - Shifting security to the left
2. DevSecOps Foundations
- 07 - Cloud and DevOps
- 08 - Continuous integration and delivery
- 09 - APIs are essential
- 10 - Containers and DevOps
- 11 - Infrastructure as Code (IaC) in the pipeline
3. Getting Started with DevSecOps
- 12 - Application security in DevSecOps
- 13 - Leverage your existing processes
- 14 - The Ops in DevSecOps
- 15 - AI in DevSecOps
- 16 - Continuous feedback and improvement
4. Maturing Your DevSecOps Practice
- 17 - Metrics in DevSecOps
- 18 - Open source DevSecOps tools
- 19 - Real-life examples
Conclusion
- 20 - Grow and expand
Related courses
- Prometheus and Grafana: Visualizing Application Performance
- Writing Secure Code in iOS by Infosec
- Creating and Securing Bluetooth Low Energy (BLE) Applications
- Advanced Threat Modeling and Risk Assessment in DevSecOps
- Programming Foundations: Secure Coding
- AI Product Development: Secure by Design
- Secure Coding in C
- AI Product Security: Foundations and Proactive Security for AI