LUMIFY AIKIN ƙwararriyar DevSecOps Mai Aikata Kai

Bayanin samfur

• Sunan samfur: Kwararren DevSecOps Mai Aikata Kai
• Abubuwan da aka haɗa: Baucan jarrabawa
• Tsawon: 60-day access lab
• Farashin (Haɗa GST): $2 051.50

Game da Practical DevSecOps

Practical DevSecOps hanya ce ta majagaba wacce ke koyar da dabarun DevSecOps, kayan aiki, da dabaru daga masana masana'antu. Yana ba da horo na fasaha na gaske ta hanyar dakunan gwaje-gwajen kan layi na zamani. Ta hanyar samun Takaddun shaida na DevSecOps, zaku iya nuna ƙwarewar ku ga ƙungiyoyi. Lumify Work Abokin Hulɗa ne na Horar da Ayyukan DevSecOps.

Me yasa Kayi Karatun Wannan Darasi?

Wannan ci-gaba na DevSecOps ƙwararrun horo an tsara shi don taimakawa ƙwararrun tsaro su kula da tsaro a sikelin ta amfani da ayyukan DevSecOps. Kwas ɗin ya ƙunshi abubuwan yau da kullun na DevOps da DevSecOps, da kuma ci-gaba da dabaru irin su Barazana Modeling kamar Code, RASP/IAST, Tsaron Kwantena, Gudanar da Asiri, da ƙari.

Wannan kwas na kai-da-kai yana samar da abubuwa masu zuwa:

• Samun damar rayuwa zuwa littafin Jagora
• Bidiyo na Darasi da Lissafin Shaida
• Zama na mintuna 30 tare da Malamai
• Samun dama ga Tashar Slack Dedicated
• 30+ Jagoran Jagora
• Lab da Jarabawa: Kwanaki 60 na Samun Lab na tushen Mai lilo
• Ƙoƙarin Jarabawa ɗaya don Takaddun shaida na DevSecOps Expert (CDE).

Abin da Za Ku Koya

• Ƙirƙirar al'adar rabawa da haɗin gwiwa tsakanin masu ruwa da tsaki
• Ƙoƙarin ma'aunin jami'an tsaro na rage harin
• Haɗa tsaro azaman ɓangare na DevOps da CI/CD
• Fara ko haɓaka shirin tsaro na aikace-aikacenku ta amfani da ayyukan Secure SDLC na zamani
• Ƙarfafa abubuwan more rayuwa ta amfani da Kayan Aiki azaman Code kuma kiyaye yarda ta amfani da Yarjejeniya azaman kayan aikin Code da dabaru
• Ƙirƙira da haɗa haɗin kai ga rashin ƙarfi don ƙididdige ƙididdiga ta gaskiya ta amfani da kayan aikin sarrafa kansa

Umarnin Amfani da samfur

Don yin mafi kyawun amfani da kwas ɗin ƙwararrun ƙwararrun DevSecOps, bi waɗannan umarnin:

Mataki 1: Shiga Kayan Kayan Kwas

1. Tabbatar kana da tsayayyen haɗin intanet.
2. Ziyarci kwas websaiti a https://www.lumifywork.com/en-au/courses/practical-devsecops-expert/.
3. Shiga cikin asusunku ta amfani da bayanan da aka bayar.
4. Samun dama ga jagorar kwas, bidiyo, da jerin abubuwan dubawa har tsawon rayuwa

Mataki na 2: Yin hulɗa da Malamai

A matsayin wani ɓangare na kwas ɗin, kuna da damar tsara zama na mintuna 30 tare da malamai. Bi waɗannan matakan:

1. Shiga tashar Slack da aka sadaukar.
2. Haɗa tare da malamai don tsara zaman ku.
3. Yayin zaman, yi tambayoyi, nemi bayani, da

Mataki 3: Kammala Ayyukan Jagora

Kwas ɗin ya ƙunshi darussan shiryarwa 30+ don ƙarfafa koyo. Bi waɗannan matakan:

1. Shiga cikin mahallin gidan bincike na tushen burauza ta amfani da bayanan da aka bayar.
2. Bi umarnin da aka bayar don kowane motsa jiki.
3. Yi aiki da dabaru, kayan aiki, da dabaru a cikin yanayin da aka kwaikwayi na zahiri.

Mataki 4: Yin Jarrabawar

Bayan kammala darussan shiryarwa da jin kwarin gwiwa a cikin ilimin ku, zaku iya gwada jarrabawar Takaddun Shaida ta DevSecOps (CDE). Ga abin da kuke buƙatar sani:

1. Ana gudanar da jarrabawar akan layi.
2. Kuna da kwanaki 60 na damar lab don shirya jarabawar.
3. Shiga cikin tashar jarrabawa ta amfani da bayanan da aka bayar.
4. Bi umarnin don kammala jarrabawar a cikin lokacin da aka tsara.
5. Bayan cin nasarar jarrabawar, za a ba ku Certified DevSecOps Expert (CDE) Certification.

CI GABA MAI INGANCI A AIKIN LUMIFY

Ayyukan DevSecOps sune majagaba na DevSecOps. Koyi dabarun DevSecOps, kayan aiki, da dabaru daga ƙwararrun masana'antu, kuma ku ƙware a haƙiƙanin fasaha a cikin ɗakunan gwaje-gwajen kan layi na zamani. Nuna ƙwarewar ku ga ƙungiyoyi ta hanyar samun Takaddun shaida na DevSecOps, tare da ilimin tushen aiki maimakon ka'ida. Lumify Work Abokin Hulɗa ne na Horar da Ayyukan DevSecOps.

ME YA SA KARATUN WANNAN DARASIN

Dukanmu mun ji labarin DevSecOps, Shifting Hagu, da Rugged DevOps amma babu takamaiman tsohonamples ko tsarin da ke akwai don ƙwararrun tsaro don aiwatarwa a cikin ƙungiyarsu.
T Hannun-hannun sa zai koya muku daidai wannan - kayan aiki da dabaru don shigar da tsaro a matsayin wani ɓangare na bututun DevOps. Za mu koyi yadda unicorns kamar Google, Facebook, Amazon, da Etsy ke kula da tsaro a sikelin da abin da za mu iya koya daga gare su don balaga da shirye-shiryen tsaro. A cikin ci gaba na horarwar ƙwararrun DevSecOps, zaku koyi yadda ake ɗaukar tsaro a sikelin ta amfani da ayyukan DevSecOps. Za mu fara tare da tushen abubuwan DevOps da DevSecOps, sannan mu matsa zuwa manyan ra'ayoyi kamar su Modeling barazanar kamar Code, RASP/IAST, Tsaron Kwantena, Gudanar da Asirin, da ƙari. Wannan kwas na kai-da-kai zai samar muku da:

Samun damar rayuwa

• Littafin koyarwa
• Bidiyo na darasi da jerin abubuwan dubawa
• Zama na mintuna 30 tare da umarni ko umarni
• Samun dama ga keɓaɓɓen tashar Slack
• motsa jiki 30+ jagora

Lab da jarrabawa:

• Kwanaki 60 na damar yin amfani da kayan bincike na tushen burauza
• Ƙoƙarin jarrabawa ɗaya don Takaddar DevSecOps Expert (CDE) Certified

ABIN DA ZAKU KOYA

• Ƙirƙirar al'adar rabawa da haɗin gwiwa tsakanin masu ruwa da tsaki
• Bayar da ƙoƙarce-ƙoƙarcen ƙungiyar tsaro don rage kai harin
• Haɗa tsaro azaman ɓangare na DevOps da CI/CD
• Fara ko haɓaka shirin tsaro na aikace-aikacenku ta amfani da ayyukan Secure SDLC na zamani
• Ƙarfafa abubuwan more rayuwa ta amfani da Kayan Aiki azaman Code kuma kiyaye yarda ta amfani da Yarjejeniya azaman kayan aikin Code da dabaru
• Ƙirƙira da haɗa haɗin kai ga rashin ƙarfi don ƙididdige ƙididdiga ta gaskiya ta amfani da kayan aikin sarrafa kansa

Malamina ya kasance mai girma iya sanya al'amuran cikin al'amuran duniya na gaske waɗanda suka shafi takamaiman halin da nake ciki. An yi mini maraba daga lokacin da na zo da ikon zama a matsayin rukuni a wajen aji don tattauna yanayinmu kuma burinmu yana da matukar amfani. Na koyi abubuwa da yawa kuma na ji yana da mahimmanci cewa an cimma burina ta halartar wannan kwas. Babban aikin Lumify Work team.

AMANDA NICOL

Yana goyon bayan SERVICES MANAGER - HEALT H DUNIYA LIMITED

DARASIN SAUKI

Ƙarsheview na DevSecOps

• Tubalan Ginin DevOps - Mutane, Tsari da Fasaha
• Ka'idodin DevOps - Al'adu, Aiki Aiki, Aunawa da Raba (CAMS)
• Fa'idodin DevOps - Sauri, Dogara, Samfura, Ƙarfafawa, Aiki da Kai, Kuɗi da Ganuwa
• Ƙarsheview na DevSecOps kayan aiki mai mahimmanci
• Kayan aikin sarrafa ma'aji
• Ci gaba da Haɗuwa da Ci gaba da tura kayan aikin
• Kayayyakin aiki azaman kayan aikin Code (IaC).
• Sadarwa da kayan aikin rabawa
• Tsaro azaman kayan aikin Code (SaC).
• Ƙarsheview na amintaccen SDLC da CI/CD
• Review na ayyukan tsaro a cikin amintaccen SDLC
• Ci gaba da Haɗuwa da Ci gaba da Aiki
• Yadda ake matsawa daga DevSecOps Maturity Model (DSUM) Mataki na 2 zuwa Mataki na 4
• Mafi kyawun ayyuka da la'akari don Matsayin Balaga na 3
• Mafi kyawun ayyuka da la'akari don Matsayin Balaga na 4
• Tsaro aiki da kai da iyakokinsa
• DSMM matakin 3 da matakin 4 kalubale da mafita

Lumify Aiki

Horar da Musamman Za mu iya ba da kuma keɓance wannan kwas ɗin horo don manyan ƙungiyoyin ceton lokaci, kuɗi da albarkatun ƙungiyar ku. Don ƙarin bayani, tuntuɓi mu akan 1 800 853 276.

Amintattun Abubuwan Bukatu da Tsarin Barazana (TM)

• Menene Ƙirar Barazana?
• Hanyoyin ST RIDE vs DREAD
• Barazana ƙirar ƙira da ƙalubalen sa
• Kayan aikin ƙirar barazanar gargajiya da yadda suka dace a bututun CI/CD
• Hannun Lab: Ƙaddamar da buƙatun tsaro azaman lamba
• Hands-on Lab: yin amfani da ThreatSpec don yin Barazana Modeling azaman Lamba
• Hannun Lab: Yin amfani da tsaro na BDD don daidaita barazanar

Advanced St at ic Analysis (SAST) a cikin bututun CI/CD

• Me yasa ƙugiya riga-kafi ba su da kyau a cikin DevSecOps
• Rubutun ka'idoji na al'ada don kawar da abubuwan karya da inganta ingancin sakamakon
• Hanyoyi daban-daban don rubuta ƙa'idodin al'ada a cikin kayan aikin kyauta da biyan kuɗi
• Kalamai na yau da kullun
• Abstract Syntax Bishiyoyin
• Zane-zane (Binciken Bayanai da Gudanarwa)
• Lab na Hannu: Rubutun cak na al'ada a cikin 'yan fashi don aikace-aikacen kasuwancin ku

Advanced Dynamic Analysis (DAST) a cikin bututun CI/CD

• Saka kayan aikin DAST cikin bututun mai
• Yin amfani da QA/Aiki ta atomatik don fitar da sikanin DAST
• Amfani da Swagger (OpenAPI) da ZAP don bincika APIs akai-akai. Hanyoyi don sarrafa ingantattun takaddun shaida na ZAP Scanner
• Amfani da Harshen Zest don samar da mafi kyawun ɗaukar hoto don binciken DAST
• Hannun Lab: ta amfani da ZAP, Selenium, da Zest don saita zurfafa bincike.
• Hannun Lab: ta amfani da Burp Suite Pro don saita kowane ƙaddamarwa / sati / kowane wata

Lura: Dalibai suna buƙatar kawo lasisin Burp Suite Pro don amfani da su a cikin CI/CD

Analysis na lokacin aiki (RASP/IAST) a cikin bututun CI/CD

• Menene Gwajin Tsaro na Aikace-aikacen Binciken Runtime?
• Bambance-bambance tsakanin RASP da IAST
• Analysis na Runtime da Kalubale
• RASP/IAST da dacewarsa a cikin bututun CI/CD
• Hands-on Lab: Ayyukan kasuwanci na kayan aikin IAST

Kayayyakin kayan more rayuwa azaman Code (IaC) da Tsaronta

• Tsaro Gudanarwar Kanfigareshan (Mai yiwuwa).
• Masu amfani/Gata/Maɓallai - Vault mai yiwuwa vs Hasumiya
• Kalubale tare da Vault mai yiwuwa a cikin bututun CI/CD
• Gabatarwa zuwa Packer
• Amfanin Packer
• Samfura, magina, masu samarwa, da masu aiwatarwa
• Packer don ci gaba da tsaro a cikin Bututun DevOps
• Kayayyakin aiki da Sabis don yin IaaC (Packer, Mai yiwuwa, da Docker)
• Hannun Lab: Amfani da Mai yiwuwa don taurare kan-prem/girgije inji don PCI DSS
• Hannun Lab: Ƙirƙiri tauraruwar hotuna na Zinare ta amfani da Packer da Mai yiwuwa

Tsaron Kwantena (Docker).

• Menene Docker?
• Docker vs Vagrant
• Tushen Docker da kalubalensa
• Rashin lahani a cikin hotuna (Na Jama'a da Masu zaman kansu)
• Ƙin kai harin sabis
• Hanyoyin Haɓaka Gata a Docker
• Rashin tsarin tsaro
• Tsaron kwantena
• Amincewa da Abun ciki da Mutunci
• Ƙarfi da wuraren suna a cikin Docker
• Rarraba hanyoyin sadarwa
• Kernel Hardening ta amfani da SecComp da AppArmor
• A tsaye Analysis na hoto (Docker).
• Tsarukan Bincike na rundunonin kwantena da daemons
• Hannun Lab: Ana duba hotunan docker ta amfani da Clair da APIs ɗin sa
• Hands-on Lab: Binciken Docker daemon da mai masaukin baki don batutuwan tsaro

Gudanar da Asirin akan Tsarin Infrast Mai Sauƙi da Mai Sauƙi

• Sarrafa asiri a cikin kayan aikin gargajiya
• Sarrafa asirin a cikin kwantena a Scale
• Gudanar da Sirri a cikin Cloud
• Sirri na Sarrafa Sigar da Sirri
• Canje-canjen Muhalli da Kanfigareshan files
• Docker, tsarin da ba a iya canzawa da ƙalubalen tsaro
• Gudanar da asirin tare da Hashicorp Vault da Consul
• Hannun Lab: Ajiye maɓallan ɓoyewa da sauran sirrin ta amfani da Vault/Consul

Babban Gudanar da Rashin Lafiya

• Hanyoyi don sarrafa raunin da ke cikin ƙungiyar
• Karya tabbatacce kuma
• Karya Mara kyau
• Al'adu da Gudanar da Rashin Lafiya
• Ƙirƙirar ma'auni daban-daban don CXOs, devs da ƙungiyoyin tsaro Hand-on Lab: Amfani da Defect Dojo don sarrafa rauni

WANE DARASIN GA WAYE?
Wannan kwas ɗin yana nufin duk wanda ke neman shigar da tsaro azaman yanki na agile / Cloud / DevOps, kamar ƙwararrun Tsaro, Masu Gwajin Shiga, Manajan IT, Masu haɓakawa da Injiniya DevOps.

SHARI'A

Mahalarta darasi dole ne su sami ƙwararren DevSecOps Professional (CDP) takaddun shaida. Hakanan yakamata su sami ainihin fahimtar ayyukan tsaro na aikace-aikacen kamar SAST, DAST, da sauransu.

Samar da wannan kwas ta Lumify Work ana sarrafa shi ta sharuɗɗan yin rajista da sharuɗɗan. Da fatan za a karanta sharuɗɗan a hankali kafin yin rajista a cikin wannan kwas, saboda rajista a cikin kwas ɗin e yana da sharadi akan karɓar waɗannan sharuɗɗan da sharuɗɗan.

https://www.lumifywork.com/en-au/courses/practical-devsecops-expert/

• training@lumifywork.com
• lufywork.com
• facebook.com/LumifyWorkAU
• linkedin.com/company/lumify-work
• twitter.com/LumifyWorkAU
• youtube.com/@lumifywork

Takardu / Albarkatu

KYAUTA AIKI ƙwararren DevSecOps Mai Haɓakawa [pdf] Jagorar mai amfani Kwararren DevSecOps Mai Haɓaka Kai, Ƙwararru na DevSecOps, Ƙwararru na DevSecOps, Ƙwararrun DevSecOps, Ƙwararru

Magana

• Manual mai amfani