DevSecOps Foundation (DSOF) Certification Training

Course 3687

  • Duration: 2 days
  • Exam Voucher: Yes
  • Language: English
  • 16 PMI PDUs
  • Level: Intermediate

A DevSecOps Engineer is an IT Security professional who is skilled at security as code with the intent of making security and compliance consumable as a service. A DevSecOps Engineer uses data and security science as its primary means of protecting the organization and customer.

This training addresses the purpose, benefits, concepts and vocabulary of DevSecOps, how DevOps security practices differ from other types of security approaches, and an overview of DevOps security strategies, including business-driven security scores.

DevSecOps Foundation (DSOF) Training Delivery Methods

  • Train your whole team by bringing this course to your facility

    • In-Person
    • Online

DevSecOps Foundation (DSOF) Certification Training Course Benefits

In this DevSecOps course, you will learn how to:

  • Explain the purpose, benefits, concepts and vocabulary of DevSecOps.
  • Differentiate DevOps security practices from other security approaches.
  • Focus on Business-driven security strategies.
  • Apply data and security sciences.
  • Benefit from Security Testing with Red and Blue Teams.
  • Integrate security into Continuous Delivery workflows.
  • Integrate DevSecOps roles with a DevOps culture and organization.


Familiarity with IT software development and operations responsibilities

Exam Information

  • 40 multiple choice questions, closed book
  • 90 min, additional 15 minutes is granted to non-native English speakers
  • 65% pass
  • DOI exams are administered by Kryterion Global Testing Solutions
  • To maintain the value and integrity of the certification, all candidates are required to attend approved DOI classes through one of the DOI REPs (Registered Education Providers) to be eligible to sit the exam.

DevSecOps Foundation Training Outline

  • What is DevOps?
  • DevOps Goals
  • DevOps Values
  • DevOps Stakeholders
  • Key Terms and Concepts
  • Why DevSecOps is important
  • 3 Ways to Think About DevOps+Security
  • Key Principles of DevSecOps
  • Key Terms and Concepts
  • Incentive Model
  • Resilience
  • Organizational Culture
  • Generativity
  • Erickson, Westrum, and LaLoux
  • Key Terms and Concepts
  • How Much Security is Enough?
  • Threat Modeling
  • Context is Everything
  • Risk Management in a High-velocity World
  • Avoiding the Checkbox Trap
  • Basic Security Hygiene
  • Architectural Considerations
  • Federated Identity
  • Log Management
  • Key Terms and Concepts
  • IAM Basic Concepts
  • Why IAM is Important
  • Implementation Guidance
  • Automation Opportunities
  • How to Hurt Yourself with IAM
  • Application Security Testing (AST)
  • Testing Techniques
  • Prioritizing Testing Techniques
  • Issue Management Integration
  • Threat Modeling
  • Leveraging Automation
  • Key Terms and Concepts
  • Basic Security Hygiene Practices
  • Role of Operations Management
  • The Ops Environment
  • Key Terms and Concepts
  • What is GRC?
  • Why Care About GRC?
  • Rethinking Policies
  • Policy as Code
  • Shifting Audit Left
  • 3 Myths of Segregation of Duties vs. DevOps
  • Key Terms and Concepts
  • Setting Up Log Management
  • Incident Response and Forensics
  • Threat Intelligence and Information Sharing

Need Help Finding The Right Training Solution?

Our training advisors are here for you.

DevSecOps Foundation (DSOF) Course FAQs

DevOps Institute (DOI) believes certification reflects the quality of your training experience. To maintain the value and integrity of the certification, all candidates are required to attend approved DOI classes through a REP like Learning Tree in order to be eligible to sit the exam.

16 PMI PDUs (Although DOI has not currently been issued an official code to submit for PMI PDU credit, you can submit for credit successfully by way of the “Other” category at the PMI website. Essentially, 1 PDU credit per hour of instructor-led training (So, in the case of DevOps Foundation, 16 credits would be applicable).

  • Participate in unique activities designed to apply training
  • Take sample documents, templates, tools and techniques with you post-training
  • Exam is included to test for certification
Chat With Us