M
0
Zero-To-Hero Developer Security Operations Course
Published 10/2022
MP4 | Video: h264, 1280x720 | Audio: AAC, 44.1 KHz
Language: English | Size: 828.50 MB | Duration: 1h 57m
In this course you will learn how to create a state of the art developer security operations program.
Published 10/2022
MP4 | Video: h264, 1280x720 | Audio: AAC, 44.1 KHz
Language: English | Size: 828.50 MB | Duration: 1h 57m
In this course you will learn how to create a state of the art developer security operations program.
What you'll learn
Developer Security Operations Zero-to-Hero
Understand the fundamentals of leveraging the Veracode Platform as a Security Engineer.
Apply the security engineering concepts to a real use case scenario.
Work with industry recognized standard tooling from Veracode.
Work with industry recognized standard tooling from Burp Suite.
Work with industry recognized standard tooling from Elasticsearch.
Work with industry recognized standard tooling from JFROG Artifactory.
Requirements
There aren't any specific requirements for taking this course. We aim to teach novice information security professionals and experienced professionals. The audience for this curriculum range from CISOs, Security Team Leads, and Security Engineers.
Description
Our approach to culture, automation, and platform design integrates security as a shared responsibility throughout the entire IT life cycle. Our curriculum integrates automated Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), Container Scanning, Penetration Testing, and systematic logging evaluate scanning results. Our training program teaches your team the necessary skills for implementing "shift-left" development processes. These skills, along with industry-recognized certifications and executive dashboards to monitor program progress, will help keep your assets safe. The proposed course is supported by industry recognized certificates from Veracode. At this time, there is only one research paper that describes a DevSecOps program which incorporates humanistic management principles and automated security by Shripad Nadgowda. We have developed a system that not only leverages state-of-the-art security tools, but can provide an automated system that ensures accountability and open communication amongst teams. The Net Forward Energy Ratio (NeFER) strategy principle provides a systematic process of questions that encourages individuals to take accountability for their work and encourages them to take steps in a forward direction as outlined by Bob Moore. The ideal client for this training program is a Security Engineer who works for a midsize corporation with roughly 40-50 employees.We plan to offer the best training coupled with state of the art technology and research based management practices. The target audience for this training program fall into three categories they are either a CISO, Security Team Lead, or a Security Engineer.
Overview
Section 1: Veracode
Lecture 1 Introduction to Veracode
Lecture 2 Security Champion
Lecture 3 Dynamic Analysis
Lecture 4 Understanding Dashboards
Lecture 5 Custom Dashboard Filters
Lecture 6 Customize Visualizations
Lecture 7 Save and Share Dashboards
Lecture 8 Software Composition Analysis
Lecture 9 Static Analysis
Lecture 10 Security Report
Lecture 11 Knowledge Check
Section 2: Penetration Testing
Lecture 12 Getting Started with Burp Suite
Lecture 13 Burp Proxy
Lecture 14 Burp Repeater
Lecture 15 Burp Intruder
Lecture 16 Burp Collaborator Client
Lecture 17 Burp Scanner and Summary
Section 3: Monitoring
Lecture 18 Elastic SIEM
Lecture 19 Getting Started
Lecture 20 Filebeat
Lecture 21 Filebeat AWS Module and Summary
Section 4: Center For Internet Security (CIS) Benchmark
Lecture 22 CIS Foundations Benchmark AWS IAM
Lecture 23 Storage
Lecture 24 Logging
Lecture 25 Monitoring
Lecture 26 Networking and Summary
Lecture 27 AWS IAM
Lecture 28 AWS SNS
Lecture 29 AWS S3
Lecture 30 AWS Config
Lecture 31 AWS CloudTrail
Lecture 32 AWS CloudWatch
Lecture 33 AWS CloudWatch Metrics
Lecture 34 AWS KMS
Lecture 35 Amazon SQS
Lecture 36 AWS VPC
Lecture 37 AWS Organizations
Section 5: Automated Build Scanning with Xray
Lecture 38 JFROG Xray
The purpose of this curriculum is to teach security engineering fundamentals. The concepts covered will enable individuals to be able to work independently. After establishing the processes described in the table of contents a security engineer will be able to manage the fundamental aspects of security for a company and influence organizational change. The typical timeframe for implementation is 3 months.
Download link
rapidgator.net:
You must reply in thread to view hidden text.
uploadgig.com:
You must reply in thread to view hidden text.
nitroflare.com:
You must reply in thread to view hidden text.
1dl.net:
You must reply in thread to view hidden text.
