SecDevOps Foundation Training (SDOF)

Level: Intermediate

SecDevOps is an initiative to put cybersecurity first within the security, development, and operations teams, requiring change management involved in the System Engineering Life Cycle (SELC). This DOI-certified course addresses benefits, concepts, and vocabulary of SecDevOps and DevSecOps; how they evolved from Agile practises; and highlights differences between DevOps practises and other types of security approaches.

Key Features of this SecDevOps Foundation Training:

  • After-course instructor coaching benefit
  • Certification from DevOps Institute

You Will Learn How To:

  • Explain the purpose, benefits, concepts and vocabulary of SecDevOps.
  • Differentiate DevOps security practises from other security approaches.
  • Trace the history and evolution of SecDevOps.
  • Focus on Business-driven security strategies.
  • Apply data and security science techniques.
  • Benefit from Security Testing with Red and Blue Teams.
  • Integrate security into Continuous Integration and Delivery workflows.
  • Integrate SecDevOps roles with a DevOps culture and organisation.

Choose the Training Solution That Best Fits Your Individual Needs or Organisational Goals


In Class & Live, Online Training

  • 3-day instructor-led training course
  • After-course instructor coaching benefit
  • DevOps Institute certification exam included
View Course Details & Schedule

Standard £1695




Team Training

  • Bring this or any training to your organisation
  • Full - scale program development
  • Delivered when, where, and how you want it
  • Blended learning models
  • Tailored content
  • Expert team coaching

Customize Your Team Training Experience


Save More on Training with Learning Tree Training Vouchers!

Our flexible, easy-to-redeem training vouchers are available to any employee within your organisation. For details, please call 0800 282 353 or chat live.

In Class & Live, Online Training

Note: This course runs for 3 Days

  • 7 - 9 Jun 9:00 AM - 4:30 PM BST Online (AnyWare) Online (AnyWare) Reserve Your Seat

  • 4 - 6 Oct 9:00 AM - 4:30 PM BST Online (AnyWare) Online (AnyWare) Reserve Your Seat

  • 6 - 8 Dec 9:00 AM - 4:30 PM GMT Online (AnyWare) Online (AnyWare) Reserve Your Seat

  • 16 - 18 Jun 2:00 PM - 9:30 PM BST Online (AnyWare) Online (AnyWare) Reserve Your Seat

  • 18 - 20 Aug 2:00 PM - 9:30 PM BST Herndon, VA / Online (AnyWare) Herndon, VA / Online (AnyWare) Reserve Your Seat

  • 15 - 17 Sep 2:00 PM - 9:30 PM BST New York / Online (AnyWare) New York / Online (AnyWare) Reserve Your Seat

  • 17 - 19 Nov 2:00 PM - 9:30 PM GMT Herndon, VA / Online (AnyWare) Herndon, VA / Online (AnyWare) Reserve Your Seat

  • 15 - 17 Dec 2:00 PM - 9:30 PM GMT New York / Online (AnyWare) New York / Online (AnyWare) Reserve Your Seat

  • 16 - 18 Feb 2:00 PM - 9:30 PM GMT Herndon, VA / Online (AnyWare) Herndon, VA / Online (AnyWare) Reserve Your Seat

  • 16 - 18 Mar 1:00 PM - 8:30 PM GMT New York / Online (AnyWare) New York / Online (AnyWare) Reserve Your Seat

Guaranteed to Run

When you see the "Guaranteed to Run" icon next to a course event, you can rest assured that your course event — date, time — will run. Guaranteed.

Important SecDevOps Foundation Training Information

  • Who Should Attend this Course

    Software Developers/Tester, Release Manager, Automation Architects, XA Professional, Security Engineer, System Administrators.

  • Certification Information

    • The exam is taken in-class and is included in the course tuition fee.
    • The exam is open book and is 60 minutes in duration.
    • It is highly recommended that candidates attend the SecDevOps Foundation course with a DevOps Institute accredited Education Partner to prepare for the certification exam.
    • Exam administered through DOI leading to Certification.

SecDevOps Foundation Training Outline

  • Agile/DevOps Foundation Review

    • What is Agile/DevOps?
    • DevOps Goals
    • DevOps Values
    • DevOps Stakeholders
  • Why SecDevOps?

    • Key Terms and Concepts.
    • Why SecDevOps is important.
    • 3 Ways to Think About DevOps + Security.
    • Key Principles of SecDevOps
    • SecDevOps security-first philosophy.
    • SecDevOps evolution from DevSecOps.
  • Culture and Management

    • Key Terms and Concepts
    • Incentive Model
    • Resilience
    • Organisational Culture
    • Generativity
    • Erickson, Westrum, and LaLoux
  • Strategic Considerations

    • Key Terms and Concepts.
    • How Much Security is Enough?
    • Threat Modelling.
    • Context is Everything.
    • Risk Management in a High-velocity World.
    • Team Security Profiling
  • General Security Considerations

    • Avoiding the Checkbox Trap
    • Basic Security Hygiene
    • Architectural Considerations
    • Federated Identity
    • Log Management
  • Feature and Security Workflow

    • Configuration Management
    • Centralised Workflow
    • Workflow Branch Classifications
    • Pre and post commit
    • Deployment and Release Orchestration
  • Acquisition Lifecycle Security

    • Needs Phase requirements vs. security.
    • Acquisition Review Board (ARB)
    • Analyze/Select Phase measurement metrics.
    • Obtain Phase Life Cycle
    • Planning and Scheduling
    • Dispose Phase Concerns
  • Identity and Access Management (IAM)

    • Key Terms and Concepts
    • IAM Basic Concepts
    • Why IAM is Important
    • Implementation Guidance
    • Automation Opportunities
    • How to Hurt Yourself with IAM
  • Application Security

    • Application Security Testing (AST)
    • Testing Techniques
    • Prioritising Testing Techniques
    • Issue Management Integration
    • Threat Monitoring
    • Leveraging Automation
    • Secure Coding and OWASP compliance
  • Operational Security

    • Key Terms and Concepts
    • Basic Security Hygiene Practises
    • Role of Operations Management
    • The Ops Environment
    • Embracing Fail-Early, Fail-First
    • Security infrastructure as code
  • Cross-Team Security

    • Key Terms and Concepts
    • Establishing Trust
    • Promoting Shared Responsibility
    • Team Verification Techniques
    • Embedded Point-of-Contact
    • Security, Development and Operations Sprints
  • Roles and Responsibilities

    • SecDevOps Coach
    • Product Owner Expanded Responsibilities
    • Program and Project Manager
    • Information System Security Officer (ISSO)
    • SecDevOps Engineer
    • Site Reliability Engineer
  • Governance, Risk, Compliance (GRC) Audit

    • Key Terms and Concepts
    • What is GRC?
    • Why Care About GRC?
    • Rethinking Policies
    • Policy as Code
    • Shifting Audit Left
    • 3 Myths of Segregation of Duties vs. DevOps
  • Logging, Monitoring and Response

    • Key Terms and Concepts
    • Setting Up Log Management
    • Incident Response and Forensics
    • Threat Intelligence and Information Sharing
  • Continual Improvement

    • Retrospectives
    • Continuous Learning
    • Open Collaboration (including security)
    • Shared intelligence
  • Review and Summary

    • Exam Review
    • Key course concepts
    • Next steps

Team Training

SecDevOps Foundation Training FAQs

  • How is this course different from DevSecOps?

    SecDevOps is an initiative to put cybersecurity first, along with extensions that aim to ensure optimum security throughout all phases of the software life cycle, within the cybersecurity, development, and operations teams.

Online (AnyWare)
Online (AnyWare)
Online (AnyWare)
Online (AnyWare)
Herndon, VA / Online (AnyWare)
New York / Online (AnyWare)
Herndon, VA / Online (AnyWare)
New York / Online (AnyWare)
Herndon, VA / Online (AnyWare)
New York / Online (AnyWare)
Why do we require your location?

It allows us to direct your request to the appropriate Customer Care team.

Preferred method of contact:

Please Choose a Language

Canada - English

Canada - Français