DevSecOps training icon

DevSecOps training

2 day DevSecOps training class

This 2-day intermediate course to automate security into a fast-paced DevOps environment using various open-source tools and scripts.

The course is available directly from Claranet Cyber Security or you can book through one of our partners. The course is now available as live, online training and can be delivered for you individually or for your company. Contact us below with your requirements.

Attendees will be able to:

  • Create a security culture/mindset amongst the already integrated “DevOps” team
  • Find and fix low hanging fruits like SQL Injection, XSS and insecure libraries and dependencies as early in SDLC as possible by injecting security in CI/CD
  • Build a system with continuous security monitoring

Delegates receive:

  • The delegates will receive a DevSecOps-Lab VM (designed by the NotSoSecure team) containing all the code, scripts and tools that are used for building the entire DevSecOps pipeline

For security and IT decision makers

What’s the real impact of training your team through NotSoSecure?

Shift your organisation’s security left, make it a less attractive target to attackers, and help it resist attacks by building a team that can develop resilient applications and systems using secure processes. Trained delegates can:

  • Implement security tools and build and automate secure processes within their DevOps pipelines.
  • Secure any DevOps environment, from development and staging to production.
  • Securely deploy all the latest DevSecOps technologies which are covered in the course.
  • Understand the business impact of DevSecOps principles and articulate this to key stakeholders.
  • Solve business and development problems with a security mindset.
  • Take on greater responsibility in the team and become an advocate of security in the wider business.

Upcoming events:

  • Overview
  • Details
  • Pre-requisites & Audience
  • PDF Download

Modern enterprises are implementing the technical and cultural changes required to embrace DevOps methodology by introducing practices such Continuous Integration (CI), Continuous Delivery (CD), Continuous Monitoring (CM) and Infrastructure as Code(IaC) .DevSecOps extends DevOps by introducing security in each of these practices giving a certain level of security assurance in the final product. In this course, we will demonstrate using our state-of-the-art DevSecOps Lab as to how to inject security in CI, CD, CM and IaC.

As part of this course delegates will receive the DevSecOps Lab built using Vagrant and Ansible comprising of various open-source tools and scripts to help the DevOps engineers in automating security within their CI/CD pipeline. While the workshop uses Java/J2EE technology stack, the workshop is language agnostic and similar tools can be used against other application development frameworks.

A Short preview of our course is available for viewing here

Introduction to DevOps

  • Introduction and Lab Setup
  • Challenges with Traditional IT
  • What is DevOps?

Introduction to DevSecOps

  • Challenges for Security in DevOps
  • DevSecOps – Why, What and How?
  • Vulnerability Management

Continuous Integration

  • Pre-Commit Hooks
  • Secrets Management

Continuous Delivery

  • Software Composition Analysis (SCA)
  • Static Analysis Security Testing (SAST)
  • Dynamic Analysis Security Testing (DAST)

Infrastructure as Code

  • Vulnerability Assessment (VA)
  • Container Security (CS)
  • Compliance as Code (CaC)

Continuous Monitoring

  • Alerting and Monitoring
  • Introduction to F-ELK

DevSecOps in AWS

  • DevOps on Cloud Native AWS
  • AWS Threat Landscape
  • DevSecOps in Cloud Native AWS

DevSecOps Challenges and Enablers

  • Challenges with DevSecOps
  • Building DevSecOps Culture
  • Security Champions

Who should attend

DevOps engineers, security and solutions architects, system administrators will also strongly benefit from this course as it’ll give them a holistic approach towards application security


Anybody with a background in IT or related to software development whether a developer or a manager can attend this course to get an insight about DevOps and DevSecOps.

Delegates should bring a laptop with minimum 12 GB RAM and 40 GB of extra space and have administrator privileges


Download PDF

Other courses to further your knowledge

Lab-based training - written by Black Hat trainers.

These classes are ideal for those preparing for CREST CCT (ICE), CREST CCT (ACE), CHECK (CTL), TIGER SST and other similar industry certifications, as well as those who perform penetration testing on infrastructure or web applications as a day job and wish to add to their existing skill set.

Enquire about your training

We provide training directly (live, online or in person) and also work with a range of training partners in different locations around the globe for classroom or live, online training. Please contact us with details of your requirement and we will recommend the best route to access our amazing training.

The course can also be booked directly through our accredited training partners.

This course is available directly from Claranet Cyber Security, and is also available from our partners. If booked through Check Point, Cyber-Security Learning Credits are accepted for this course.

Check Point

Our accreditations

Cyber essentials
CEH Accreditation
CCISO Accreditation
CISSP Accreditation
CRISC Accreditation
OSCE Accreditation