DevSecOps Resources and Training

tedjamestedjames Member Posts: 1,182 ■■■■■■■■□□
Can anybody recommend any good resources and training for learning about DevSecOps? I've read most of what Tanya Janca has written. I also know about https://devsecops.org/


Would love to find some actual training.

Comments

  • LonerVampLonerVamp Member Posts: 518 ■■■■■■■■□□
    I don't know of any training, but you could get training on the various pieces of devsecops, like Puppet specifically or the Atlassian stack.

    For Sec, often this can be twisted into the term Secure SDLC and the components shoved into there. I believe Tanya has an ongoing series of posts on Medium about the S-SDLC. You can also then look into something like ISC2's CSSLP cert and any materials around it.

    It sort of depends where you're coming into this from, the dev, the sec, or the ops, and which you'll be responsible for.

    Security Engineer/Analyst/Geek, Red & Blue Teams
    OSCP, GCFA, GWAPT, CISSP, OSWP, AWS SA-A, AWS Security, Sec+, Linux+, CCNA Cyber Ops, CCSK
    2021 goals: maybe AWAE or SLAE, bunch o' courses and red team labs?
  • tedjamestedjames Member Posts: 1,182 ■■■■■■■■□□
    Thanks for the info! I'm coming from the security side. At this point, I'm working with developers to ensure that they write code securely and follow SDLC. I have no real training or experience other than the knowledge I've gained on my own. Where I work, there's not a whole lot of money for training, so I have taken the initiative to learn on my own. It's better this way, actually, because I can create my own training plan and set my own goals.
  • scascscasc Member Posts: 465 ■■■■■■■□□□
    https://www.practical-devsecops.com/

    Check this out. Heard good things from ppl as it’s pretty interesting with hardcore 24 hour exam around practical concepts. 
    AWS, Azure, GCP, ISC2, GIAC, ISACA, TOGAF, SABSA, EC-Council, Comptia...
  • tedjamestedjames Member Posts: 1,182 ■■■■■■■■□□
    Thanks for the tip!
Sign In or Register to comment.