We may earn an affiliate commission when you visit our partners.
DevSecCon

Security expert Dr. Matias Madou, Ph.D. will demonstrate the changes the industry has faced in the journey from Waterfall to DevSecOps, as well as reveal how you, the developer, can become a powerful piece of the DevSecOps pipeline.

Read more

Security expert Dr. Matias Madou, Ph.D. will demonstrate the changes the industry has faced in the journey from Waterfall to DevSecOps, as well as reveal how you, the developer, can become a powerful piece of the DevSecOps pipeline.

In the ancient times of software creation, we had AppSec and we had developers. Generally, AppSec was aware of security problems, their impact, and code-level fixes. However, these remedies would rarely work in the custom tech stack of the company. Developers cranked out software features in a fast, functional and reliable way but also released their code for security review as late as possible. Why? To shorten the AppSec feedback window, ensuring their out-of-context security recommendations would bounce back well after the release window and not halt proceedings. A little dysfunctional to say the least. Fast-forward to today, and our demand for software is greater than ever before as is the risk of data breaches from common vulnerabilities. This fractured process cannot work, and the DevSecOps movement is here to change the game. DevSecOps creates an environment of shared responsibility for security, where developers become responsible for effective deployment, and the lines between AppSec and development teams are increasingly blurred and more collaborative. The days of a hands-off security approach for developers are over, and with the right training and tools, they can take advantage of this process, upskill their security awareness and stand out among their peers. Security expert Dr. Matias Madou, Ph.D. will demonstrate the changes the industry has faced in the journey from Waterfall to DevSecOps, as well as reveal how you, the developer, can become a powerful piece of the DevSecOps pipeline without compromising the work you love most.

Enroll now

What's inside

Syllabus

AppSec Is Dead. Long Live DevSecOps!

Good to know

Know what's good
, what to watch for
, and possible dealbreakers
Provides developer-centered security insights for an industry audience facing unprecedented demand for software
Promotes a collaborative security environment, shaping the industry's response to evolving security risks
Enhances developer awareness by integrating security into their workflows
Suitable for developers seeking to enhance their security knowledge and advance their careers
Presents a comprehensive overview of the industry's transition from Waterfall to DevSecOps
Taught by Dr. Matias Madou, a recognized security expert

Save this course

Save AppSec Is Dead. Long Live DevSecOps! to your list so you can find it easily later:
Save

Activities

Be better prepared before your course. Deepen your understanding during and after it. Supplement your coursework and achieve mastery of the topics covered in AppSec Is Dead. Long Live DevSecOps! with these activities:
Review Agile methodologies
Review the foundational concepts of Agile methodologies to strengthen your understanding of their role in DevSecOps.
Browse courses on Agile Methodologies
Show steps
  • Revisit the Agile Manifesto and its principles
  • Summarize the key practices of Scrum and Kanban
  • Identify the benefits and limitations of Agile approaches
Join a DevSecOps study group
Enhance your learning experience by joining a DevSecOps study group, where you can connect with peers, share knowledge, and collaborate on assignments.
Browse courses on Peer Support
Show steps
  • Reach out to classmates or online communities to form a study group
  • Establish regular meeting times and study plans
  • Take turns presenting on key topics and engage in discussions
Review 'The DevSecOps Handbook' by Gene Kim et al.
Gain insights and best practices by reading 'The DevSecOps Handbook', which provides a comprehensive guide to implementing and scaling DevSecOps in organizations.
Show steps
  • Read and summarize key chapters of the book
  • Identify key concepts and techniques for successful DevSecOps adoption
  • Discuss the book's ideas and how they apply to your own work environment
Five other activities
Expand to see all activities and additional details
Show all eight activities
Explore DevSecOps tools and technologies
Enhance your understanding of DevSecOps by exploring various tools and technologies used for security scanning, vulnerability management, and continuous integration and delivery.
Show steps
  • Research popular DevSecOps tools and their functionalities
  • Follow tutorials on using specific tools
  • Experiment with integrating these tools into your development workflow
Attend a DevSecOps workshop
Engage in a hands-on DevSecOps workshop to gain practical experience, collaborate with peers, and enhance your understanding of real-world implementations.
Browse courses on Security Training
Show steps
  • Research upcoming DevSecOps workshops
  • Register and attend a workshop relevant to your interests
  • Participate actively in hands-on exercises and discussions
Develop a DevSecOps plan for your project
Apply your knowledge to create a comprehensive DevSecOps plan that outlines your security strategy, risk assessment, and implementation plan for a real-world project.
Browse courses on Security Strategy
Show steps
  • Define the scope and goals of your project
  • Identify and assess potential security risks
  • Develop a strategy to mitigate identified risks
  • Outline the implementation plan for your DevSecOps approach
Practice ethical hacking techniques
Sharpen your security skills by practicing ethical hacking techniques, identifying vulnerabilities, and enhancing your ability to protect systems from malicious actors.
Browse courses on Ethical Hacking
Show steps
  • Set up a virtual lab environment for ethical hacking
  • Learn and practice basic hacking techniques
  • Conduct vulnerability assessments and penetration tests
Participate in a DevSecOps hackathon
Challenge yourself and apply your skills in a competitive environment by participating in a DevSecOps hackathon, where you can collaborate with others to solve real-world security challenges.
Browse courses on Problem-Solving
Show steps
  • Identify upcoming DevSecOps hackathons
  • Form a team or participate individually
  • Work on developing innovative solutions to security challenges

Career center

Learners who complete AppSec Is Dead. Long Live DevSecOps! will develop knowledge and skills that may be useful to these careers:
Cloud Security Engineer
The DevSecOps movement involves shifting security responsibilities to developers, and cloud security is a rapidly growing field. Understanding how to work with the tools and practices that DevSecOps requires is essential for a cloud security engineer. The 'AppSec Is Dead. Long Live DevSecOps!' course can help you gain some of these skills.
Security Analyst
Security analysts often need to work closely with development teams to identify and mitigate security risks. By better understanding how developers work, you can be a more effective security analyst. The 'AppSec Is Dead. Long Live DevSecOps!' course will introduce you to the challenges and benefits of working within a DevSecOps pipeline, helping you to be a better analyst.
DevOps Engineer
DevOps engineers bring together development and operations to enable continuous delivery and deployment of applications and services. The 'AppSec Is Dead. Long Live DevSecOps!' course can help you become a more effective DevOps engineer by providing a better understanding of the security risks involved in software development.
Software Engineer
As a software engineer, you will need to be able to write secure code. The 'AppSec Is Dead. Long Live DevSecOps!' course can help you develop the skills you need to write more secure code by teaching you about the latest security risks and how to mitigate them.
Information Security Analyst
Information security analysts are responsible for protecting an organization's information systems and data from unauthorized access, use, disclosure, disruption, modification, or destruction. The 'AppSec Is Dead. Long Live DevSecOps!' course can help you gain the knowledge and skills you need to be an effective information security analyst.
Security Architect
Security architects design and implement security solutions for organizations. The 'AppSec Is Dead. Long Live DevSecOps!' course can help you develop the skills you need to be a security architect by teaching you about the latest security threats and how to mitigate them.
Network Security Engineer
Network security engineers are responsible for designing, implementing, and maintaining network security systems. The 'AppSec Is Dead. Long Live DevSecOps!' course may help you gain the knowledge and skills you need to be a network security engineer.
Database Security Analyst
Database security analysts are responsible for protecting databases from unauthorized access, use, disclosure, disruption, modification, or destruction. The 'AppSec Is Dead. Long Live DevSecOps!' course may help you gain the knowledge and skills you need to be a database security analyst.
Security Consultant
Security consultants help organizations to identify and mitigate security risks. The 'AppSec Is Dead. Long Live DevSecOps!' course may help you gain the knowledge and skills you need to be a security consultant.
Security Engineer
Security engineers are responsible for designing, implementing, and maintaining security systems for organizations. The 'AppSec Is Dead. Long Live DevSecOps!' course may help you gain the knowledge and skills you need to be a security engineer.
Security Manager
Security managers are responsible for managing the security of an organization's information systems and data. The 'AppSec Is Dead. Long Live DevSecOps!' course may help you gain the knowledge and skills you need to be a security manager.
Chief Information Security Officer (CISO)
CISOs are responsible for developing and implementing an organization's security strategy. The 'AppSec Is Dead. Long Live DevSecOps!' course may help you gain the knowledge and skills you need to be a CISO.
Chief Technology Officer (CTO)
CTOs are responsible for overseeing the technology strategy of an organization. The 'AppSec Is Dead. Long Live DevSecOps!' course may help you gain the knowledge and skills you need to be a CTO.
Information Technology (IT) Director
IT directors are responsible for managing the IT operations of an organization. The 'AppSec Is Dead. Long Live DevSecOps!' course may help you gain the knowledge and skills you need to be an IT director.
Systems Administrator
Systems administrators are responsible for managing the day-to-day operations of a computer system. The 'AppSec Is Dead. Long Live DevSecOps!' course may help you gain the knowledge and skills you need to be a systems administrator.

Reading list

We've selected eight books that we think will supplement your learning. Use these to develop background knowledge, enrich your coursework, and gain a deeper understanding of the topics covered in AppSec Is Dead. Long Live DevSecOps!.
This comprehensive textbook on security engineering provides a deep understanding of the principles and practices of building secure distributed systems. It covers a wide range of topics, including cryptography, authentication, authorization, and access control.
This classic book on security patterns provides a comprehensive overview of the principles and practices of security patterns. It covers a wide range of topics, including secure coding practices, threat modeling, and security architecture.
This comprehensive guide to secure coding provides a detailed overview of the principles and practices of secure coding. It covers a wide range of topics, including secure coding practices, threat modeling, and secure software design.
This popular novel uses a fictional story to illustrate the challenges and benefits of DevOps. It provides valuable insights into the culture and practices of high-performing IT teams.
This comprehensive guide to software security testing provides a detailed overview of the principles and practices of software security testing. It covers a wide range of topics, including security testing techniques, tools, and methodologies.
This widely used coding standard provides a set of rules and guidelines for writing secure C code. It covers a wide range of topics, including secure coding practices, error handling, and memory management.
This comprehensive guide to software security provides practical advice on how to avoid common security problems. It covers a wide range of topics, including secure coding practices, threat modeling, and security testing.
This practical guide to threat modeling provides a structured approach for identifying and mitigating security risks in software systems. It covers the key concepts of threat modeling and provides step-by-step instructions for creating threat models.

Share

Help others find this course page by sharing it with your friends and followers:

Similar courses

Our mission

OpenCourser helps millions of learners each year. People visit us to learn workspace skills, ace their exams, and nurture their curiosity.

Our extensive catalog contains over 50,000 courses and twice as many books. Browse by search, by topic, or even by career interests. We'll match you to the right resources quickly.

Find this site helpful? Tell a friend about us.

Affiliate disclosure

We're supported by our community of learners. When you purchase or subscribe to courses and programs or purchase books, we may earn a commission from our partners.

Your purchases help us maintain our catalog and keep our servers humming without ads.

Thank you for supporting OpenCourser.

© 2016 - 2024 OpenCourser