AppSec Is Dead. Long Live DevSecOps! from Pluralsight

Security expert Dr. Matias Madou, Ph.D. will demonstrate the changes the industry has faced in the journey from Waterfall to DevSecOps, as well as reveal how you, the developer, can become a powerful piece of the DevSecOps pipeline.

In the ancient times of software creation, we had AppSec and we had developers. Generally, AppSec was aware of security problems, their impact, and code-level fixes. However, these remedies would rarely work in the custom tech stack of the company. Developers cranked out software features in a fast, functional and reliable way but also released their code for security review as late as possible. Why? To shorten the AppSec feedback window, ensuring their out-of-context security recommendations would bounce back well after the release window and not halt proceedings. A little dysfunctional to say the least. Fast-forward to today, and our demand for software is greater than ever before as is the risk of data breaches from common vulnerabilities. This fractured process cannot work, and the DevSecOps movement is here to change the game. DevSecOps creates an environment of shared responsibility for security, where developers become responsible for effective deployment, and the lines between AppSec and development teams are increasingly blurred and more collaborative. The days of a hands-off security approach for developers are over, and with the right training and tools, they can take advantage of this process, upskill their security awareness and stand out among their peers. Security expert Dr. Matias Madou, Ph.D. will demonstrate the changes the industry has faced in the journey from Waterfall to DevSecOps, as well as reveal how you, the developer, can become a powerful piece of the DevSecOps pipeline without compromising the work you love most.

What's inside

Syllabus

AppSec Is Dead. Long Live DevSecOps!

Good to know

Know what's good

, what to watch for

, and possible dealbreakers

Provides developer-centered security insights for an industry audience facing unprecedented demand for software

Promotes a collaborative security environment, shaping the industry's response to evolving security risks

Enhances developer awareness by integrating security into their workflows

Suitable for developers seeking to enhance their security knowledge and advance their careers

Presents a comprehensive overview of the industry's transition from Waterfall to DevSecOps

Taught by Dr. Matias Madou, a recognized security expert

Activities

Be better prepared before your course. Deepen your understanding during and after it. Supplement your coursework and achieve mastery of the topics covered in AppSec Is Dead. Long Live DevSecOps! with these activities:

Review Agile methodologies

Show steps

Review the foundational concepts of Agile methodologies to strengthen your understanding of their role in DevSecOps.

Browse courses on Agile Methodologies

Show steps

Revisit the Agile Manifesto and its principles
Summarize the key practices of Scrum and Kanban
Identify the benefits and limitations of Agile approaches

Join a DevSecOps study group

Show steps

Enhance your learning experience by joining a DevSecOps study group, where you can connect with peers, share knowledge, and collaborate on assignments.

Browse courses on Peer Support

Show steps

Reach out to classmates or online communities to form a study group
Establish regular meeting times and study plans
Take turns presenting on key topics and engage in discussions

Review 'The DevSecOps Handbook' by Gene Kim et al.

Show steps

Gain insights and best practices by reading 'The DevSecOps Handbook', which provides a comprehensive guide to implementing and scaling DevSecOps in organizations.

View The DevOps Handbook: How to Create World-Class... on Amazon

Show steps

Read and summarize key chapters of the book
Identify key concepts and techniques for successful DevSecOps adoption
Discuss the book's ideas and how they apply to your own work environment

Five other activities

Expand to see all activities and additional details

Show all eight activities

Explore DevSecOps tools and technologies

Show steps

Enhance your understanding of DevSecOps by exploring various tools and technologies used for security scanning, vulnerability management, and continuous integration and delivery.

Show steps

Research popular DevSecOps tools and their functionalities
Follow tutorials on using specific tools
Experiment with integrating these tools into your development workflow

Attend a DevSecOps workshop

Show steps

Engage in a hands-on DevSecOps workshop to gain practical experience, collaborate with peers, and enhance your understanding of real-world implementations.

Browse courses on Security Training

Show steps

Research upcoming DevSecOps workshops
Register and attend a workshop relevant to your interests
Participate actively in hands-on exercises and discussions

Develop a DevSecOps plan for your project

Show steps

Apply your knowledge to create a comprehensive DevSecOps plan that outlines your security strategy, risk assessment, and implementation plan for a real-world project.

Browse courses on Security Strategy

Show steps

Define the scope and goals of your project
Identify and assess potential security risks
Develop a strategy to mitigate identified risks
Outline the implementation plan for your DevSecOps approach

Practice ethical hacking techniques

Show steps

Sharpen your security skills by practicing ethical hacking techniques, identifying vulnerabilities, and enhancing your ability to protect systems from malicious actors.

Browse courses on Ethical Hacking

Show steps

Set up a virtual lab environment for ethical hacking
Learn and practice basic hacking techniques
Conduct vulnerability assessments and penetration tests

Participate in a DevSecOps hackathon

Show steps

Challenge yourself and apply your skills in a competitive environment by participating in a DevSecOps hackathon, where you can collaborate with others to solve real-world security challenges.

Browse courses on Problem-Solving

Show steps

Identify upcoming DevSecOps hackathons
Form a team or participate individually
Work on developing innovative solutions to security challenges

Career center

Learners who complete AppSec Is Dead. Long Live DevSecOps! will develop knowledge and skills that may be useful to these careers:

Cloud Security Engineer

The DevSecOps movement involves shifting security responsibilities to developers, and cloud security is a rapidly growing field. Understanding how to work with the tools and practices that DevSecOps requires is essential for a cloud security engineer. The 'AppSec Is Dead. Long Live DevSecOps!' course can help you gain some of these skills.

See salaries and explore the career path for Cloud Security Engineer

Security Analyst

Security analysts often need to work closely with development teams to identify and mitigate security risks. By better understanding how developers work, you can be a more effective security analyst. The 'AppSec Is Dead. Long Live DevSecOps!' course will introduce you to the challenges and benefits of working within a DevSecOps pipeline, helping you to be a better analyst.

See salaries and explore the career path for Security Analyst

DevOps Engineer

DevOps engineers bring together development and operations to enable continuous delivery and deployment of applications and services. The 'AppSec Is Dead. Long Live DevSecOps!' course can help you become a more effective DevOps engineer by providing a better understanding of the security risks involved in software development.

See salaries and explore the career path for DevOps Engineer

Software Engineer

As a software engineer, you will need to be able to write secure code. The 'AppSec Is Dead. Long Live DevSecOps!' course can help you develop the skills you need to write more secure code by teaching you about the latest security risks and how to mitigate them.

See salaries and explore the career path for Software Engineer

Information Security Analyst

Information security analysts are responsible for protecting an organization's information systems and data from unauthorized access, use, disclosure, disruption, modification, or destruction. The 'AppSec Is Dead. Long Live DevSecOps!' course can help you gain the knowledge and skills you need to be an effective information security analyst.

See salaries and explore the career path for Information Security Analyst

Security Architect

Security architects design and implement security solutions for organizations. The 'AppSec Is Dead. Long Live DevSecOps!' course can help you develop the skills you need to be a security architect by teaching you about the latest security threats and how to mitigate them.

See salaries and explore the career path for Security Architect

Network Security Engineer

Network security engineers are responsible for designing, implementing, and maintaining network security systems. The 'AppSec Is Dead. Long Live DevSecOps!' course may help you gain the knowledge and skills you need to be a network security engineer.

See salaries and explore the career path for Network Security Engineer

Database Security Analyst

Database security analysts are responsible for protecting databases from unauthorized access, use, disclosure, disruption, modification, or destruction. The 'AppSec Is Dead. Long Live DevSecOps!' course may help you gain the knowledge and skills you need to be a database security analyst.

See salaries and explore the career path for Database Security Analyst

Security Consultant

Security consultants help organizations to identify and mitigate security risks. The 'AppSec Is Dead. Long Live DevSecOps!' course may help you gain the knowledge and skills you need to be a security consultant.

See salaries and explore the career path for Security Consultant

Security Engineer

Security engineers are responsible for designing, implementing, and maintaining security systems for organizations. The 'AppSec Is Dead. Long Live DevSecOps!' course may help you gain the knowledge and skills you need to be a security engineer.

See salaries and explore the career path for Security Engineer

Security Manager

Security managers are responsible for managing the security of an organization's information systems and data. The 'AppSec Is Dead. Long Live DevSecOps!' course may help you gain the knowledge and skills you need to be a security manager.

See salaries and explore the career path for Security Manager

Chief Information Security Officer (CISO)

CISOs are responsible for developing and implementing an organization's security strategy. The 'AppSec Is Dead. Long Live DevSecOps!' course may help you gain the knowledge and skills you need to be a CISO.

See salaries and explore the career path for Chief Information Security Officer (CISO)

Chief Technology Officer (CTO)

CTOs are responsible for overseeing the technology strategy of an organization. The 'AppSec Is Dead. Long Live DevSecOps!' course may help you gain the knowledge and skills you need to be a CTO.

See salaries and explore the career path for Chief Technology Officer (CTO)

Information Technology (IT) Director

IT directors are responsible for managing the IT operations of an organization. The 'AppSec Is Dead. Long Live DevSecOps!' course may help you gain the knowledge and skills you need to be an IT director.

See salaries and explore the career path for Information Technology (IT) Director

Systems Administrator

Systems administrators are responsible for managing the day-to-day operations of a computer system. The 'AppSec Is Dead. Long Live DevSecOps!' course may help you gain the knowledge and skills you need to be a systems administrator.

See salaries and explore the career path for Systems Administrator