We may earn an affiliate commission when you visit our partners.
Matt Bushby
In today’s fast-paced digital economy, the need to build and deploy software at scale has never been greater—but speed without security is a recipe for risk. That’s why DevSecOps is no longer optional—it’s essential.
Security That Scales With Your Code
Read more
In today’s fast-paced digital economy, the need to build and deploy software at scale has never been greater—but speed without security is a recipe for risk. That’s why DevSecOps is no longer optional—it’s essential.
Security That Scales With Your Code
Read more
In today’s fast-paced digital economy, the need to build and deploy software at scale has never been greater—but speed without security is a recipe for risk. That’s why DevSecOps is no longer optional—it’s essential.
Security That Scales With Your Code
This course, built by the Cyber Skills Academy at Macquarie University, a top 1% university globally and Australia’s leading cyber security school, delivers the expertise needed to embed security into every phase of the software development lifecycle. Co-designed with industry to reflect current and emerging best practices, this course is packed with actionable knowledge for developers, engineers, and security professionals.
You’ll gain deep, practical insight into:
• Secure-by-design software architecture, including the principles that shape resilient systems from day one.
• Security-aware coding practices, including how to manage APIs, access controls, and web vulnerabilities.
• Application-layer security, leveraging static analysis and dependency checks to detect flaws early.
• CI/CD pipeline hardening, with tools and practices that automate trust—from infrastructure as code to SLSA and SBOMs.
• Cloud-native security, using containers, Kubernetes, and service mesh solutions to build robust Azure deployments.
• MLSecOps, where the challenges of securing machine learning models meet modern DevSecOps workflows.
• Attack surface awareness, equipping you to think like an attacker and defend accordingly.
Throughout the course, you’ll explore real-world tools and frameworks, learn how to shift security left, and build security into every commit, build, and deploy.
Build Fast, Deploy Secure
Whether you’re a developer aiming to level up your security game, or a security specialist stepping into DevOps environments, this course will give you the skills to lead in secure software delivery—from development through to deployment and beyond.
Register for this course and see more details by visiting:
OpenCourser.com/course/x9w856/cyber
Two deals to help you save
Save money when you learn. Here are two deals and offers that may be relevant to this course.
All coupon codes, vouchers, and discounts are applied automatically unless otherwise noted.
Valid until July 14
Coursera Plus Annual
Work toward what's next for your career with access to 10,000+ programs. Discover emerging skills and save.
Up to
40%
off
Get offer
Valid until August 30
Google AI App Builder
Learn how to use Gemini API and API Studio with a three-course series from Google DeepMind
Take
100%
off
Get offer
What's inside
Syllabus
Development and Operations with Security
Security must start at the very beginning of the software development lifecycle. In this topic, you’ll explore the foundational principles of DevSecOps and learn how to integrate security thinking into every phase of development and operations. You’ll gain an understanding of the core objectives of DevSecOps, how modern development methodologies and tools impact security, and the importance of secure design practices from day one. The topic also covers critical practices like handling secrets securely and maintaining integrity in version control systems. By the end of this topic, you’ll have a clear grasp of how to embed security into agile and DevOps workflows, ensuring that protection isn’t an afterthought, but a continuous and collaborative part of delivering software.
Read more
Syllabus
Development and Operations with Security
Security must start at the very beginning of the software development lifecycle. In this topic, you’ll explore the foundational principles of DevSecOps and learn how to integrate security thinking into every phase of development and operations. You’ll gain an understanding of the core objectives of DevSecOps, how modern development methodologies and tools impact security, and the importance of secure design practices from day one. The topic also covers critical practices like handling secrets securely and maintaining integrity in version control systems. By the end of this topic, you’ll have a clear grasp of how to embed security into agile and DevOps workflows, ensuring that protection isn’t an afterthought, but a continuous and collaborative part of delivering software.
Read more
Save this course
Create your own learning path.
Save this course to your list so you can find it easily later.
Save
Save
Activities
Coming soon
We're preparing activities for
Cyber Security: DevSecOps.
These are activities you can do either before, during, or after a course.
Career center
Learners who complete Cyber Security: DevSecOps will develop knowledge and skills
that may be useful to these careers:
DevSecOps Engineer
DevSecOps Engineer
A DevSecOps Engineer is at the forefront of integrating security into every stage of the software development lifecycle, ensuring security is an intrinsic part of development and operations. This course provides the foundational principles and advanced practices needed to excel as a DevSecOps Engineer. Learners gain deep insight into secure-by-design software architecture and security-aware coding practices, crucial for preventing vulnerabilities. The curriculum's focus on CI/CD pipeline hardening, automating trust with infrastructure as code, SLSA, and SBOMs directly prepares one for real-world application. Additionally, expertise in cloud-native security, including containers, Kubernetes, and robust Azure deployments, will equip professionals to lead in secure software delivery, building security into every commit, build, and deploy.
Product Security Engineer
Product Security Engineer
A Product Security Engineer embeds security into the design, development, and testing of products, ensuring security is a core feature from conception. This course offers highly relevant expertise for a Product Security Engineer, focusing on how to build fast and deploy secure. Learners gain deep practical insight into secure-by-design software architecture, emphasizing principles that shape resilient systems from day one. The curriculum's focus on secure software development, including security-aware coding practices, managing APIs, access controls, and web vulnerabilities, directly applies to building secure products. Furthermore, understanding application-layer security and CI/CD pipeline hardening enables the Product Security Engineer to ensure that security is continuous throughout the product's evolution.
Cloud Security Architect
Cloud Security Architect
A Cloud Security Architect designs and oversees the implementation of security solutions within cloud environments, ensuring resilience and compliance. This course offers comprehensive preparation for a Cloud Security Architect, with an entire module dedicated to DevSecOps in Cloud Environment based on Azure. Learners gain crucial expertise in securing containers with Docker, managing application orchestration using Kubernetes, and addressing key aspects of cloud network security. The focus on secure-by-design software architecture and principles for resilient systems from day one is fundamental to this role. By exploring how DevSecOps principles apply to cloud infrastructure and dynamic workloads, individuals are well-prepared to build and operate secure, scalable cloud environments.
Application Security Engineer
Application Security Engineer
An Application Security Engineer specializes in ensuring the security of software applications throughout their development and deployment. This course provides highly relevant knowledge for an Application Security Engineer, directly addressing secure software development and application aspects of DevSecOps. Learners delve into security-aware coding practices, including managing APIs, access controls, and mitigating web vulnerabilities. The curriculum's focus on application-layer security, leveraging static analysis and dependency checks to detect flaws early, is vital for this role. Understanding how to shift security left and embed it into every stage of application development will enable one to deliver trusted, high-integrity software, making them an indispensable asset to any development team.
Machine Learning Security Engineer
Machine Learning Security Engineer
A Machine Learning Security Engineer specializes in securing machine learning models and the pipelines that deploy and manage them. This course offers cutting-edge knowledge for a Machine Learning Security Engineer, with a dedicated section on MLSecOps. Learners explore where the challenges of securing machine learning models meet modern DevSecOps workflows, including understanding how AI is being used within DevSecOps. The final topic on Threats and Attacks specifically covers attack vectors targeting ML and AI-driven systems, equipping individuals to evaluate security risks in this specialized domain. Combining this ML-specific security context with broader DevSecOps principles like secure pipelines and cloud-native security, prepares professionals to safeguard complex machine learning systems.
Security Consultant
Security Consultant
A Security Consultant advises organizations on security strategies, risk management, and the implementation of robust security solutions. This course provides comprehensive knowledge for a Security Consultant to guide clients through adopting DevSecOps principles and practices effectively. The curriculum covers foundational principles, secure software development, and application aspects of DevSecOps, offering a holistic view of integrating security into the software lifecycle. Expertise in CI/CD pipeline hardening, cloud-native security (especially Azure), and MLSecOps allows a consultant to offer specialized advice on current and emerging best practices. Understanding how to shift security left enables one to advise on developing resilient systems and proactively managing cyber risks.
Security Engineer
Security Engineer
A Security Engineer designs, builds, and maintains robust security systems and protocols to protect an organization's digital assets. This course helps a Security Engineer by providing in-depth knowledge of securing the software lifecycle from development through to deployment. It equips learners with practical insights into secure-by-design software architecture and security-aware coding practices crucial for preventing vulnerabilities from the outset. Detailed exploration of application-layer security, CI/CD pipeline hardening, and cloud-native security in Azure environments means one can effectively implement and manage controls across modern tech stacks. Understanding attack surface awareness and thinking like an attacker further enhances one's ability to defend systems proactively.
Solutions Architect
Solutions Architect
A Solutions Architect designs and integrates complex technological solutions for an organization, translating business requirements into technical specifications. This course provides significant value for a Solutions Architect by instilling a security-first mindset into solution design. Understanding secure-by-design software architecture and the principles that shape resilient systems from day one is critical for creating robust solutions. The course's deep dive into cloud-native security, including containers, Kubernetes, and secure Azure deployments, directly supports designing secure and scalable cloud solutions. By comprehending DevSecOps in Pipelines and application-layer security, a Solutions Architect ensures their proposed architectures not only meet functional needs but also incorporate leading security practices throughout the software delivery lifecycle.
Site Reliability Engineer
Site Reliability Engineer
A Site Reliability Engineer applies software engineering principles to operations, ensuring system reliability, scalability, and performance. This course provides crucial insights for a Site Reliability Engineer into maintaining the security and resilience of deployed systems. The emphasis on secure-by-design software architecture, the principles that shape resilient systems from day one, and secure software development practices directly contributes to building more reliable services. Furthermore, understanding CI/CD pipeline hardening and cloud-native security, including containers and Kubernetes, enables a Site Reliability Engineer to manage and operate secure, scalable, and resilient cloud environments. Equipping oneself with attack surface awareness also aids in anticipating and mitigating operational security risks.
Automation Engineer
Automation Engineer
An Automation Engineer designs and implements automated systems and processes, often within software development and operations. This course significantly enhances the capabilities of an Automation Engineer by embedding security into automated workflows. The topic on DevSecOps in Pipelines is particularly relevant, exploring how to integrate robust security controls into CI/CD pipelines, using tools like static scanners and dynamic application security testing. Learning how to secure infrastructure using Infrastructure as Code practices is crucial for automating secure deployments. By understanding how to automate trust and protect the entire delivery pipeline, an Automation Engineer ensures that speed does not come at the cost of security, building efficient and inherently secure continuous delivery systems.
Release Engineer
Release Engineer
A Release Engineer manages and optimizes the process of delivering software from development to production, ensuring smooth and reliable releases. This course provides highly relevant skills for a Release Engineer, emphasizing secure and automated delivery. The topic DevSecOps in Pipelines directly addresses how to embed robust security controls into CI/CD pipelines, which is central to a Release Engineer's responsibilities. Learners examine how tools like static scanners and dynamic application security testing can be integrated into development workflows, and how to secure infrastructure using Infrastructure as Code practices. By understanding how to protect the entire delivery pipeline from code to production, a Release Engineer ensures that releases are not only fast and efficient but also inherently secure.
Infrastructure Engineer
Infrastructure Engineer
An Infrastructure Engineer designs, builds, and maintains the underlying infrastructure that supports software applications and services. This course provides crucial knowledge for an Infrastructure Engineer on securing modern infrastructure, particularly in automated and cloud environments. The curriculum covers CI/CD pipeline hardening, with a focus on tools and practices that automate trust, including infrastructure as code. Learners explore cloud-native security, using containers, Kubernetes, and service mesh solutions to build robust Azure deployments, which are increasingly integral to infrastructure. By understanding how to embed security into agile and DevOps workflows, an Infrastructure Engineer ensures the infrastructure they manage is secure from the ground up and resilient against evolving threats.
Software Development Engineer
Software Development Engineer
A Software Development Engineer designs, develops, and maintains software applications, with an increasing need to embed security into their work. This course is highly beneficial for a Software Development Engineer aiming to level up their security game. It provides essential knowledge in secure software development, covering practices like implementing effective access controls, hardening APIs, and ensuring robust web application security. Understanding secure-by-design architecture and integrating security thinking into every phase of development helps developers write more resilient code. Practical insights into application-layer security and CI/CD pipeline hardening enable a developer to contribute to building fast, deploying secure software from the very first commit.
Cybersecurity Analyst
Cybersecurity Analyst
A Cybersecurity Analyst detects, analyzes, and responds to cyber threats and vulnerabilities within an organization's systems. This course offers a deep understanding for a Cybersecurity Analyst of the attack surface within modern software development and deployment. The final topic, Threats and Attacks, which examines the landscape of threats and attack vectors targeting DevSecOps environments, is particularly relevant. Learning how to evaluate security risks across the software delivery lifecycle equips an analyst to identify weaknesses proactively. Knowledge of secure coding practices, application-layer security, and pipeline hardening enhances an analyst's ability to understand root causes of vulnerabilities and recommend effective preventative measures.
Technical Project Manager
Technical Project Manager
A Technical Project Manager oversees software development or IT projects, ensuring they are completed on time and within scope. This course offers a comprehensive understanding for a Technical Project Manager of secure software delivery, vital for managing modern projects. Knowledge of DevSecOps principles, secure software development, and CI/CD pipeline hardening enables a manager to anticipate security challenges and integrate best practices into project plans. Understanding secure-by-design software architecture and cloud-native security allows for informed decision-making regarding technical approaches. By grasping how to shift security left and embed it into every project phase, a manager can lead teams to build fast and deploy secure, mitigating risks proactively and ensuring project success.
For more career information including salaries, visit:
OpenCourser.com/course/x9w856/cyber
Reading list
We haven't picked any books for this reading list yet.
Save
Fictional story that uses DevOps principles to rescue a failing IT organization. It great way to learn about DevOps in a fun and engaging way.
Save
Provides a practical guide to software security. It covers topics such as secure coding, threat modeling, and security testing.
Save
Presents the results of a multi-year study on the impact of DevOps practices on software development performance. It provides evidence that DevOps practices can lead to significant improvements in software quality, speed, and cost.
Save
Provides a practical guide to threat modeling. It covers topics such as identifying threats, assessing risks, and mitigating vulnerabilities.
Provides a comprehensive guide to secure coding in C and C++. It covers topics such as memory management, input validation, and cryptography.
Save
Provides a gentle introduction to DevOps. It great resource for beginners who want to learn more about the basics of DevOps.
Provides a deep dive into the technical aspects of software security. It covers topics such as buffer overflows, SQL injection, and cross-site scripting.
Save
Provides a comprehensive guide to continuous delivery. It covers topics such as continuous integration, continuous testing, and continuous deployment.
Provides a guide to implementing continuous security in a DevOps environment. It covers topics such as security automation, threat detection, and incident response.
Provides a comprehensive guide to microservices. It covers topics such as microservice architecture, design, and deployment.
Provides a comprehensive guide to cloud native DevOps using Kubernetes. It covers topics such as container orchestration, service mesh, and CI/CD.
Provides a comprehensive guide to software security assessment. It covers topics such as penetration testing, vulnerability assessment, and security code review.
Save
Provides a comprehensive overview of cryptography, a fundamental aspect of secure software development. It covers encryption algorithms, digital signatures, and other essential cryptographic techniques.
This specialized book explores the use of model checking, a formal verification technique, for secure software development. It provides a deep dive into advanced security analysis and verification techniques.
Provides a comprehensive overview of modern operating systems, including topics such as security and protection. It offers insights into the underlying principles and mechanisms that are essential for secure software development.
Save
This comprehensive textbook covers a wide range of computer security topics, including secure software development. It provides a thorough understanding of the fundamental principles and best practices.
Is tailored specifically for project managers, providing guidance on how to integrate security into the software development lifecycle and manage security risks effectively.
Save
Threat modeling crucial aspect of secure software design, and this book definitive guide on the topic. It provides a structured approach to identifying potential threats and designing security controls. is essential for anyone involved in the design and architecture phases of software development.
Presents a comprehensive set of secure coding rules and guidelines developed by CERT, a leading authority in cybersecurity. It provides practical advice for developers on how to write secure code.
Is specifically tailored for web application security, addressing common vulnerabilities and providing practical guidance on how to prevent them.
For more information about how these books relate to this course, visit:
OpenCourser.com/course/x9w856/cyber
Share
Similar courses
Similar courses are unavailable at this time. Please try again later.
Effort
Up to 24hrs
Level
Introductory
Via
Coursera
Institution
Macquarie University
Instructor
Matt Bushby
Session
October 27, 2025
- December 15, 2025
Language
English
Our mission
OpenCourser helps millions of learners each year. People visit us to learn workspace skills, ace their exams, and nurture their curiosity.
Our extensive catalog contains over 50,000 courses and twice as many books. Browse by search, by topic, or even by career interests. We'll match you to the right resources quickly.
Find this site helpful? Tell a friend about us.
Affiliate disclosure
We're supported by our community of learners. When you purchase or subscribe to courses and programs or purchase books, we may earn a commission from our partners.
Your purchases help us maintain our catalog and keep our servers humming without ads.
Thank you for supporting OpenCourser.
© 2016 - 2025 OpenCourser