Students will learn the fundamentals of DevOps and how DevOps teams can build and deliver secure software.
In a time when the drive for technology efficiencies has left security in the dust, organizations focused on developing code are now starting to realize the true importance of what secure DevOps means. DevOps security or DevSecOps is a set of practices, tools, and cultural principles that combine the worlds of software development, IT operations, and security to allow organizations to deliver applications and services at scale both quickly and securely.
DirectDefense’s Managing Principal Application Security Consultant Gregory Leonard is scheduled to instruct SANS Institute’s SEC534: Secure DevOps: A Practical Introduction, a two-day live, virtual course taking place August 15 – 16, 2022. The course is also available for instruction on-demand and in-person.
If you’re a DevOps professional with a basic understanding of common vulnerabilities and attacks and application security and are eager to learn how your organization can implement Secure DevOps, this course is for you. SEC534 will explain the fundamentals of DevOps and how DevOps teams can build and deliver secure software. Students will learn how DevOps principles, practices, and tools can be leveraged to improve the reliability, integrity, and security of systems.
Students will also gain hands-on training using popular open-source tools to automate configuration management, continuous integration, continuous delivery, containerization, and more, including:
About Greg Leonard
Greg is a Managing Principal Application Security Consultant for DirectDefense where he helps clients secure their applications by performing penetration tests, secure code reviews, and risk assessments. Over the course of his career, Greg has been responsible for application architecture and security, infrastructure design and implementation, performance diagnostics, and security research. At SANS, Greg has authored application security content related to secure coding for web and mobile applications, threat awareness, and top development design flaws, as well as contributing to DevSecOps and cloud security content. He is a SANS Certified Instructor teaching both SEC534: Secure DevOps: A Practical Introduction and SEC540: Cloud Security and DevOps Automation.