Overview
Overview
COURSE DESCRIPTION
DevSecOps and AWS Cloud Security Engineering
Market Demand for DevSecOps
- The global DevSecOps market was valued at approximately USD $8.84 billion in 2024 and is projected to grow to USD $20.24 billion by 2030, representing a Compound Annual Growth Rate (CAGR) of about 13.2%. Grand View Research
- Some industry sources estimate even higher growth, with a projected CAGR of ~24.1% from 2021–2028, and a potential market size of USD $41.66 billion by 2030. StrongDM+1
- The demand for DevSecOps talent is rising faster than traditional DevOps, driven by the increasing need to “shift security left” and integrate automated security into CI/CD workflows. Forbes+1
- Survey data indicates a critical skills gap: many organizations report difficulty finding professionals with combined development + security + operations expertise. Brokee
CORE TOOLS
- Version Control: Git, GitLab, GitHub
- CI/CD: Jenkins, GitLab CI, GitHub Actions, CircleCI
- IaC: Terraform, Ansible, CloudFormation
- Containers: Docker, Kubernetes, OpenShift
- SAST: SonarQube, Fortify, Checkmarx, Semgrep
- SCA: Snyk, OWASP Dependency-Check, Mend (formerly WhiteSource)
- DAST: OWASP ZAP, Burp Suite, Acunetix
- Secrets Management: HashiCorp Vault, AWS Secrets Manager, Azure Key Vault
- Monitoring: Prometheus, Grafana, ELK Stack, Splunk
- Compliance: InSpec, OpenSCAP, Chef Compliance
Course Features
- Lectures 68
- Quiz 0
- Duration 10 weeks
- Skill level All levels
- Language English
- Students 50
- Assessments Yes
Curriculum
Curriculum
Curriculum
- 17 Sections
- 68 Lessons
- 10 Weeks
Expand all sectionsCollapse all sections
- PHASE 0: FOUNDATIONAL PREREQUISITE SKILLS (Weeks 1-2)Goal: Bridge knowledge gaps and ensure all students start Phase 1 with essential technical skills0
- Week 1: Linux & Command Line Mastery5
- 2.1Module 0.1: Linux Fundamentals & Distributions (Ubuntu, CentOS)
- 2.2Module 0.2: File System Navigation & Permissions (chmod, chown, ACLs)
- 2.3Module 0.3: Process Management & System Monitoring (ps, top, htop)
- 2.4Module 0.4: Networking Commands (netstat, ss, curl, wget, iptables basics)
- 2.5Module 0.5: Text Processing (grep, sed, awk, cut) & Shell Scripting Basics
- Hands-on Lab:0
- Week 2: Programming & Networking Fundamentals6
- 4.1Module 0.6: Python for Security Automation (Syntax, Data Types, Loops, Functions)
- 4.2Module 0.7: Working with APIs & JSON/XML Parsing
- 4.3Module 0.8: Web Fundamentals (HTTP/S, REST APIs, Headers, Cookies)
- 4.4Module 0.9: Networking Concepts (OSI Model, TCP/IP, Subnetting, DNS, Firewalls)
- 4.5Module 0.10: Basic Git Operations (Clone, Commit, Push, Pull, Branching)
- 4.6Hands-on Lab: Writing Python scripts for log analysis, creating API clients, building simple web applications
- PHASE 1: DEVOPS FOUNDATIONS & SECURITY MINDSET (Weeks 3-6)Goal: Establish DevOps culture and core practices with security integration from day one0
- Week 3: DevOps Principles & Culture5
- 6.1Module 1.1: DevOps Philosophy & Three Ways (Flow, Feedback, Continuous Learning)
- 6.2Module 1.2: DevSecOps Evolution & Business Value
- 6.3Module 1.3: Shift-Left Security Methodology
- 6.4Module 1.4: Advanced Git Security (Branch Protection, Signed Commits, Hooks)
- 6.5Hands-on Lab: Setting up secure Git workflows with branch protection, signed commits, and pre-commit hooks
- Week 4: Infrastructure as Code (IaC) Security5
- 7.1Module 2.1: Terraform/CloudFormation Security Best Practices
- 7.2Module 2.2: IaC Scanning Tools (Checkov, tfsec, cfn_nag)
- 7.3Module 2.3: Configuration Management Security (Ansible, Puppet, Chef)
- 7.4Module 2.4: Policy as Code (Open Policy Agent, Sentinel)
- 7.5Hands-on Lab: Building secure infrastructure with automated compliance checks
- Week 5: Container & Orchestration Security5
- 8.1Module 3.1: Docker Security Best Practices (Image signing, user namespace, seccomp)
- 8.2Module 3.2: Container Image Scanning (Trivy, Clair, Docker Scout)
- 8.3Module 3.3: Kubernetes Security Hardening (RBAC, Pod Security Standards, Network Policies)
- 8.4Module 3.4: Service Mesh Security (Istio, Linkerd mTLS implementation)
- 8.5Hands-on Lab: Deploying secure Kubernetes cluster with admission controllers
- Week 6: Cloud Platform Security Foundations6
- 9.1Module 4.1: AWS/Azure/GCP Identity & Access Management
- 9.2Module 4.2: Cloud Security Posture Management (CSPM) Tools
- 9.3Module 4.3: Serverless Security Considerations
- 9.4Module 4.4: Secrets Management (HashiCorp Vault, AWS Secrets Manager)
- 9.5Hands-on Lab: Implementing cloud security controls across multi-cloud environment
- 9.6End of Phase 1 Project: Secure Infrastructure Pipeline with compliance gates
- PHASE 2: SECURE CI/CD PIPELINE CONSTRUCTION (Weeks 7-10)Goal: Build automated pipelines with integrated security at every stage0
- Week 7: CI/CD Pipeline Architecture & Security5
- 11.1Module 5.1: Pipeline Design Patterns (Blue/Green, Canary, Feature Flags)
- 11.2Module 5.2: Jenkins Security Hardening (Master/Agent, Credentials, RBAC)
- 11.3Module 5.3: GitLab CI/CD Security Features
- 11.4Module 5.4: GitHub Actions Security Best Practices
- 11.5Hands-on Lab: Building Jenkins pipeline with security plugins and secure configuration
- Week 8: SAST & SCA Integration5
- 12.1Module 6.1: Static Application Security Testing (SonarQube, Fortify, Checkmarx)
- 12.2Module 6.2: Software Composition Analysis (OWASP Dependency-Check, Snyk, WhiteSource)
- 12.3Module 6.3: License Compliance Scanning (FOSSA, Black Duck)
- 12.4Module 6.4: Custom Rule Development for SAST
- 12.5Hands-on Lab: Integrating multiple SAST tools with failure thresholds in pipeline
- Week 9: DAST & Runtime Security5
- 13.1Module 7.1: Dynamic Application Security Testing (OWASP ZAP, Burp Suite)
- 13.2Module 7.2: Interactive Application Security Testing (IAST) Tools
- 13.3Module 7.3: API Security Testing (Postman, Swagger, API Fortress)
- 13.4Module 7.4: Runtime Application Self-Protection (RASP) Concepts
- 13.5Hands-on Lab: Automated DAST scanning in staging environments with risk-based assessment
- Week 10: Security Gates & Quality Gates5
- PHASE 3: ADVANCED DEVSECOPS PRACTICES & EC-COUNCIL FRAMEWORK (Weeks 11-14)6
- 15.1Week 11: Threat Modeling & Secure Design
- 15.2Module 9.1: STRIDE, DREAD, PASTA Threat Modeling Methodologies
- 15.3Module 9.2: Threat Modeling Tools (Microsoft Threat Modeling Tool, IriusRisk)
- 15.4Module 9.3: Architecture Risk Analysis
- 15.5Module 9.4: Secure Coding Standards & Guidelines
- 15.6Hands-on Lab: Conducting threat modeling sessions for microservices architecture
- Week 12: Compliance as Code & Audit Automation5
- 16.1Module 10.1: Regulatory Frameworks (NIST, ISO 27001, SOC 2, PCI-DSS)
- 16.2Module 10.2: Compliance as Code Tools (InSpec, Chef Compliance)
- 16.3Module 10.3: Continuous Compliance Monitoring
- 16.4Module 10.4: Audit Evidence Automation
- 16.5Hands-on Lab: Building automated compliance checks for PCI-DSS requirements
- Week 13: Incident Response & Chaos Engineering5
- 17.1Module 11.1: DevSecOps Incident Response Planning
- 17.2Module 11.2: Security Chaos Engineering (Netflix’s Chaos Monkey, Gremlin)
- 17.3Module 11.3: Digital Forensics in Container Environments
- 17.4Module 11.4: Blameless Postmortems & Continuous Improvement
- 17.5Hands-on Lab: Running chaos experiments on production-like environments
Instructor
Instructor
Requirements
- Students only need a laptop, internet access, and the willingness to learn hands-on each week—no prior cybersecurity or cloud experience required.
Features
- • 24-Week Structured Learning Path covering Linux, Cloud, DevOps, Security, and Kubernetes from beginner to advanced levels. • 100% Hands-On Training with real-world labs, cloud environments, and guided projects each week. • Industry-Standard Tools & Technologies including AWS, Terraform, GitHub Actions, Jenkins, Docker, Kubernetes, Splunk, OPA, Vault, CodeQL, SonarQube, Trivy, and more. • Fully Integrated DevSecOps Pipeline teaching SAST, SCA, DAST, Secrets Scanning, IaC Security, Supply Chain Security, and Compliance-as-Code. • Real Cloud Security Experience with AWS IAM, VPC, GuardDuty, Security Hub, WAF, CloudTrail, and Config. • Enterprise Security & SIEM Training using Splunk, ELK, detection engineering, MITRE ATT&CK, and threat hunting. • Policy & Compliance Automation mapped to NIST, FedRAMP, CIS Benchmarks, and Zero Trust principles. • Dedicated Career Preparation including resume review, portfolio projects, GitHub profile optimization, and interview preparation. • Final Capstone Project deploying a full end-to-end DevSecOps architecture from code → cloud → Kubernetes → monitoring. • No Prior Experience Required—beginner-friendly curriculum designed to advance students into professional DevSecOps roles.
Target audiences
- • Cloud Security Engineer • DevSecOps Engineer • Cybersecurity Engineer • Infrastructure Security Engineer
You May Like
You May Like
MASTER CLASS IAM, CLOUD & DEVSECOPS ENGINEER
COURSE DESCRIPTION DevSecOps and AWS Cloud Security Engineering Market Demand for DevSecOps
76
50
students
Free
CLOUD SECURITY ENGINEER
SKILL NEEDED FOR THE MOST DEMANDING CAREER ESTIMATED TRAINING DURATION Duration: 12 Weeks (Full-Time) |Prerequisites: Basic IT knowledge (networking, OS fundamentals)Outcome: Job-ready Cloud Security Engineer + Preparation...
56
50
students
Free
CLOUD SECURITY & DEVSECOPS ENGINEER
Course Description DevSecOps and AWS Cloud Security Engineering Market Demand for DevSecOps
88
60
students
Free