As companies are pushing code faster and more often than ever,
the rate of vulnerabilities in our systems is accelerating. As we are being
sked to do more with less, DevOps has shown immense value to business
and security as an integral component that needs to be integrated into
the strategy.

Topics covered in the course include how DevSecOps provides the
business value of DevOps and the ability DevOps has to enable the
business and support an organizational transformation with the ultimate
goal of increasing productivity, reducing risk, and optimizing cost in the
organization.

This course explains how DevOps security practices differ from other
security approaches and provides the education needed to understand
and apply data and security sciences. Participants learn the purpose,
benefits, concepts, and vocabulary of DevSecOps; particularly how
DevSecOps roles fit with a DevOps culture and organization. At the end
of this course, participants will understand using “security as code” with
the intent of making security and compliance consumable as a service.

The learning objectives include a practical understanding of:
● The purpose, benefits, concepts, and vocabulary of DevSecOps
● How DevOps security practices differ from other security
approaches
● Business-driven security strategies
● Understanding and applying data and security sciences

The learning objectives include a practical understanding of:
● The purpose, benefits, concepts, and vocabulary of DevSecOps
● How DevOps security practices differ from other security approaches
● Business-driven security strategies
● Understanding and applying data and security sciences
● The use and benefits of Red and Blue Teams
● Integrating security into Continuous Delivery workflows
● How DevSecOps roles fit with a DevOps culture and organization

The target audience for the DevSecOps Foundation course are professionals
including:
● Those interested in learning about DevSecOps strategies and automation
● Those involved in Continuous Delivery toolchain architectures
● Compliance Team / Delivery Staff / DevOps Engineers
● IT Managers / IT Security Professionals, Practitioners, and Managers
● Maintenance and Support Staff
● Managed Service Providers
● Project Managers / Product Managers
● Quality Assurance Teams / Release Managers / Scrum Masters
● Site Reliability Engineers / Software Engineers / Testers

An understanding and knowledge of common DevOps terminology and
concepts and related work experience are recommended.

● Sixteen (16) hours of instructor-led training and exercise facilitation
● Digital Learner Manual (excellent post-class reference)
● Participation in exercises designed to apply concepts
● Sample documents, templates, tools and techniques
● Access to additional sources of information and communities

Successfully passing (65%) the 60-minute examination, consisting of 40
multiple-choice questions, leads to the candidate’s designation as DevSecOps
Foundation (DSOF) certified. The certification is governed and maintained by the
DevOps Institute.