Application Development Concepts
• History of Application Development
• Evolution of Application Development Methodologies
• Introduction to Application Architectures
• Introduction to the Application Development Lifecycle
• Application Testing and Quality Assurance
• Application Monitoring, Maintenance, and Support
Application Security Fundamentals
• What is Secure Application Development
• Need for Application Security
• Common Application Security Risks and Threats
• OWASP Top 10 Application Security Techniques
• Secure Design Principles
• Threat Modeling
• Secure Coding
• Secure Code Review
• SAST and DAST Testing
• Secure Configurations
• Educating Developers
• Role of Risk Management in Secure Development
• Project Management Role in Secure Application Development
Introduction to DevOps
• Introduction to DevOps
• DevOps Principles
• DevOps Pipelines
• DevOps and Project Management
Introduction to DevSecOps
• Understanding DevSecOps
• DevOps vs. DevSecOps
• DevSecOps Principles
• DevSecOps Culture
• Shift-Left Security
• DevSecOps Pipelines
• Pillars of DevSecOps
• DevSecOps Benefits and Challenges
Introduction to DevSecOps Management Tools
• Project Management Tools
• Integrated Development Environment (IDE) Tools
• Source-code Management Tools
• Build Tools
• Continuous Testing Tools
Introduction to DevSecOps Code and CI/CD Tools
• Continuous Integration Tools
• Infrastructure as Code Tools
• Configuration Management Tools
• Continuous Monitoring Tools
Introduction to DevSecOps Pipelines
• Role of DevSecOps in the CI/CD Pipeline
• DevSecOps Tools
• Embracing the DevSecOps Lifecycle
• DevSecOps Ecosystem
• Key Elements of the DevSecOps Pipeline
• Integrating Security into the DevOps Pipeline
Introduction to DevSecOps CI/CD Testing and Assessments
• Implementing Security into the CI/CD Pipeline and Security Controls
• Continuous Security in DevSecOps with Security as Code
• Continuous Application Testing for CI/CD Pipeline Security
• Application Assessments and Penetration Testing
Implementing DevSecOps Testing and Threat Modeling
• Integrating Security Threat Modeling in Plan Stage
• Integrating Secure Coding in Code Stage
• Integrating SAST, DAST, and IAST in Build and Test Stage
• Integrating RASP and VAPT in Release and Deploy Stage
Implementing DevSecOps Monitoring Feedback
• Implementing Infrastructure as Code (IaC)
• Integrating Configuration Orchestration
• Integrating Security in Operate and Monitor Stage
• Integrating Compliance as Code (CaC)
• Integrating Logging, Monitoring, and Alerting
• Integrating Continuous Feedback Loop
Top comments (0)