CONTENUTI

REALIZING DEVSECOPS OUTCOMES

• Origins of DevOps
• Evolution of DevSecOps
• CALMS
• The Three Ways

 

DEFINING THE CYBERTHREAT LANDSCAPE

• What is the Cyber Threat Landscape?
• What is the threat?
• What do we protect from?
• What do we protect, and why?
• How do I talk to security?

 

BUILDING A RESPONSIVE DEVSECOPS MODEL

• Demonstrate Model
• Technical, business and human outcomes
• What’s being measured?
• Gating and thresholding

 

INTEGRATING DEVSECOPS STAKEHOLDERS

• The DevSecOps State of Mind
• The DevSecOps Stakeholders
• What’s at stake for who?
• Participating in the DevSecOps model

 

ESTABLISHING DEVSECOPS BEST PRACTICES

• Start where you are
• Integrating people, process and technology and governance
• DevSecOps operating model
• Communication practices and boundaries
• Focusing on outcomes

 

BEST PRACTICES TO GET STARTED

• The Three Ways
• Identifying target states
• Value stream-centric thinking

 

DEVOPS PIPELINES AND CONTINUOUS COMPLIANCE

• The goal of a DevOps pipeline
• Why continuous compliance is important
• Archetypes and reference architectures
• Coordinating DevOps Pipeline construction
• DevSecOps tool categories, types and examples

 

LEARNING USING OUTCOMES

• Security Training Options
• Training as Policy
• Experiential Learning
• Cross-Skilling​
• The DevSecOps Collective Body of Knowledge
• Preparing for the DevSecOps Foundation certification exam