Certified DevSecOps Expert

The most comprehensive DevSecOps certification in the world. Become a Certified DevSecOps Expert by learning to write custom roles for OS hardening, infrastructure as code and compliance as code, and to perform vulnerability management at scale, with hands-on advanced training in our state-of-the-art labs.

Training Schedule

Please contact info@taubsolutions.com for more details
Virtual

Features

Two Days

16 hours of Instructor-led training classes

Case Study

Share relevant Industry Insights

By Practitioners

Shares real-world experience

Course Objective

We have all heard about DevSecOps, Shifting Left and Rugged DevOps, but there are no clear examples or frameworks available for security professionals to implement in their organization. This hands-on course will teach you exactly that: tools and techniques to embed security as part of the DevOps pipeline. We will learn how unicorns like Google, Facebook, Amazon and Etsy handle security at scale and what we can learn from them to mature our security programs.

Course Agenda

Module 1: Overview of DevSecOps

  1. DevOps Building Blocks – People, Process and Technology.
  2. DevOps Principles – Culture, Automation, Measurement and Sharing (CAMS)
  3. Benefits of DevOps – Speed, Reliability, Availability, Scalability, Automation, Cost and Visibility.
  4. Overview of the DevSecOps critical toolchain.

SDLC

  1. Overview of secure SDLC and CI/CD.
  2. Review of security activities in secure SDLC.
  3. Continuous Integration and Continuous Deployment.
  4. How to move from DevSecOps Maturity Model (DSOMM) Level 2 to Level 4.

Module 2: Security Requirements and Threat Modelling (TM)

  1. What is Threat Modelling?
  2. STRIDE vs DREAD approaches
  3. Threat modeling and its challenges.
  4. Classical Threat modeling tools and how they fit in CI/CD pipeline

Module 3: Advanced Static Analysis (SAST) in CI/CD pipeline

  1. Why pre-commit hooks are not a good fit in DevSecOps.
  2. Writing custom rules to weed out false positives and improve the quality of the results.
  3. Various approaches to write custom rules in free and paid tools.

Module 4: Advanced Dynamic Analysis (DAST) in CI/CD pipeline

  1. Embedding DAST tools into the pipeline.
  2. Leveraging QA/Performance automation to drive DAST scans.
  3. Using Swagger (OpenAPI) and ZAP to scan APIs iteratively.
  4. Ways to handle custom authentications for ZAP Scanner.
  5. Using Zest Language to provide better coverage for DAST scans.

Module 5: Runtime Analysis (RASP/IAST) in CI/CD pipeline

  1. What is Runtime Analysis Application Security Testing?
  2. Differences between RASP and IAST.
  3. Runtime Analysis and challenges.
  4. RASP/IAST and its suitability in CI/CD pipeline.

Module 6: Infrastructure as Code (IaC) and Its Security

  1. Configuration management (Ansible) security.
    1. Users/Privileges/Keys – Ansible Vault vs Tower.
    2. Challenges with Ansible Vault in CI/CD pipeline.
  2. Introduction to Packer
    1. Benefits of Packer.
    2. Templates, builders, provisioners, and post processors.
    3. Packer for continuous security in DevOps Pipelines.
  3. Tools and Services for practicing IaC (Packer + Ansible + Docker)

Module 7: Container (Docker) Security

  1. What is Docker
  2. Docker vs Vagrant
  3. Basics of Docker and its challenges
  4. Container Security.
  5. Static Analysis of container (Docker) images.
  6. Dynamic Analysis of container hosts and daemons

Module 8: Secrets management on mutable and immutable infra

  1. Managing secrets in traditional infrastructure.
  2. Managing secrets in containers at Scale.
  3. Secret Management in Cloud

Module 9: Advanced vulnerability management

  1. Approaches to manage the vulnerabilities in the organization.
  2. False positives and False Negatives.
  3. Culture and Vulnerability Management.
  4. Creating different metrics for CXOs, devs and security teams.

Exam & Certification

Our certifications are well recognized in the industry as we ensure our students gain practical skills to implement DevSecOps. To ensure we deliver on our promise, we have a rigorous certification program. The CDE exam is an online, task-oriented exam where you attempt to solve 5 challenges (tasks) in a span of 24 hours. The exam is based on the content covered in the course but might require further research to pass. Once the exam is done, you have 24 hours to send us the exam report.

The student needs to achieve at least 70 points (70%) to achieve the CDE certification.

FAQs

Are there any pre-requisites for this course?

  1. Course participants must have the Certified DevSecOps Professional (CDP) certification.
  2. Course participants should have a basic understanding of Application Security Practices like SAST, DAST, etc.

How do I take the exam?

TaUB Solutions will request the examinations together with your registration. The exam should be taken at the end of the course. Results are available within 5 working days.

The session was delivered effectively. It was very interactive with on the job examples. I learned a lot and plan to implement them. Thanks Suresh GP for such a wonderful session.

Sheethal Sudheer BRMP, BRM, Business Owner DevSecOps tools, Digital Transformation, Process Management

It was a very interactive session with a lot of real life examples. Very good and informative session by Suresh GP

Vijaykumar TC, Vice President - Citi Technology Infrastructure

The CBRM training offered through TaUB Solutions is an excellent course. I first heard Suresh speak a few years back at the BRMConnect conference and taking this course solidified my opinion and respect of Suresh’s vast knowledge of BRM discipline

Michelle Day, CBRM®, Director, Business Relationship Management

The training was absolutely fantastic, extremely valuable. It changes the way we look at SRE. Suresh was the best instructor you could ask for; more importantly, he was helping with real world problems based on his experiences.

Praveen Patil, Senior Engineering Manager at Lowe's Companies, Inc.