Zero-to-Hero Developer Security Operations Course

Name: Zero-to-Hero Developer Security Operations Course
Rating: 3.3 (10 reviews)

In this course you will learn how to create a state of the art developer security operations program.

Created byEvan Gertis

Last updated 10/2022

English

What you'll learn

Developer Security Operations Zero-to-Hero
Understand the fundamentals of leveraging the Veracode Platform as a Security Engineer.
Apply the security engineering concepts to a real use case scenario.
Work with industry recognized standard tooling from Veracode.
Work with industry recognized standard tooling from Burp Suite.
Work with industry recognized standard tooling from Elasticsearch.
Work with industry recognized standard tooling from JFROG Artifactory.

Course content

5 sections • 38 lectures • 1h 58m total length

Introduction to Veracode3:05
Security Champion1:38
Dynamic Analysis8:04
Understanding Dashboards0:57
Custom Dashboard Filters0:48
Customize Visualizations0:49
Save and Share Dashboards0:59
Save and share dashboards to create an evidential history of security work for upper management, using the Veracode platform to export dashboards, choose Excel format, and share results.
Software Composition Analysis6:21
Learn how to start using Varicode software composition analysis to inventory third-party components, identify vulnerabilities, and scan compiled applications via upload-and-scan or agent-based methods.
Static Analysis4:37
Learn how to perform static analysis with SAST on Java, C#, and microservices using the Varicode platform. Upload binaries, configure scans, manage auto scan, and review results.
Security Report1:21
Knowledge Check8:55

CIS Foundations Benchmark AWS IAM3:28
Master the CIS benchmark for AWS resources and identity and access management with IAM, enabling granular, least-privilege permissions, MFA, and guided setup with the Getting Started guide.
Storage3:12
Logging3:19
Monitoring3:56
Networking and Summary4:21
AWS IAM1:52
AWS SNS1:50
AWS S32:10
AWS Config2:23
AWS CloudTrail2:08
AWS CloudWatch1:51
AWS CloudWatch Metrics1:49
AWS KMS2:14
Amazon SQS2:01
AWS VPC2:22
AWS Organizations1:52

Requirements

There aren't any specific requirements for taking this course. We aim to teach novice information security professionals and experienced professionals. The audience for this curriculum range from CISOs, Security Team Leads, and Security Engineers.

Description

Welcome to our approach to culture, automation, and platform design, where we forge your team's security skills like a sword. We integrate security as a shared responsibility throughout the entire IT life cycle and equip your team with the necessary skills for implementing "shift-left" development processes, like honing and sharpening a dagger.

Our curriculum includes automated Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), Container Scanning, Penetration Testing, and systematic logging to evaluate scanning results, like the fire that fuels your passion for security. And with industry-recognized certifications and executive dashboards to monitor program progress, we'll help keep your assets safe.

Our training program is supported by industry-recognized certificates from Veracode, like the foundation and structure of your sword. We've developed a system that not only leverages state-of-the-art security tools but also provides an automated system that ensures accountability and open communication amongst teams, like the etiquette and grace that a warrior carries on and off the battlefield.

We follow the Net Forward Energy Ratio (NeFER) strategy principle, which provides a systematic process of questions that encourages individuals to take accountability for their work and encourages them to take steps in a forward direction, like a warrior who plans their battles wisely.

Our ideal client for this training program is a Security Engineer who works for a midsize corporation with roughly 40-50 employees. We'll offer the best training coupled with state-of-the-art technology and research-based management practicesto help you wield your security skills like a sword.

The target audience for this training program falls into three categories - CISO, Security Team Lead, or Security Engineer - each with their own unique challenges and opportunities, like the different battles that a warrior faces.

Join us on this journey to become security experts, where we'll hone your skills like a dagger, fuel your passion like fire, and equip you with the knowledge and tools to protect your organization's assets.

Who this course is for:

The purpose of this curriculum is to teach security engineering fundamentals. The concepts covered will enable individuals to be able to work independently. After establishing the processes described in the table of contents a security engineer will be able to manage the fundamental aspects of security for a company and influence organizational change. The typical timeframe for implementation is 3 months.

Zero-to-Hero Developer Security Operations Course

What you'll learn

Explore related topics

Course content

Veracode11 lectures • 38min

Penetration Testing6 lectures • 22min

Monitoring4 lectures • 14min

Center For Internet Security (CIS) Benchmark16 lectures • 41min

Automated Build Scanning with Xray1 lecture • 4min

Requirements

Description

Who this course is for: