Training agenda
  1. Module 1:  Realizing DevSecOps Outcomes
    • Origins of DevOps
    • Evolution of DevSecOps
    • CALMS
    • The Three Ways
  2. Module 2:  Defining the Cyberthreat Landscape
    • What is the Cyber Threat Landscape?
    • What is the threat?
    • What do we protect from?
    • What do we protect, and why?
    • How do I talk to security?
  3. Module 3:  Building a Responsive DevSecOps Model
    • Demonstrate Model
    • Technical, business and human outcomes
    • What’s being measured? 
    • Gating and thresholding
  4. Module 4:  Integrating DevSecOps Stakeholders
    • The DevSecOps State of Mind
    • The DevSecOps Stakeholders
    • What’s at stake for who?
    • Participating in the DevSecOps model
  5. Module 5:  Establishing DevSecOps Best Practices
    • Start where you are
    • Integrating people, process and technology and governance
    • DevSecOps operating model
    • Communication practices and boundaries
    • Focusing on outcomes
  6. Module 6:  Best Practices to get Started
    • The Three Ways
    • Identifying target states
    • Value stream-centric thinking
  7. Module 7:  DevOps Pipelines and Continuous Compliance
    • The goal of a DevOps pipeline
    • Why continuous compliance is important
    • Archetypes and reference architectures
    • Coordinating DevOps Pipeline construction
    • DevSecOps tool categories, types and examples
  8. Module 8:  Learning Using Outcomes
    • Security Training Options
    • Training as Policy
    • Experiential Learning
    • Cross-Skilling
    • The DevSecOps Collective Body of Knowledge
    • Preparing for the DevSecOps Foundation certification exam