Skip to main content

Home > Trainings > Certified Security Champion

Certified Security Champion

The Certified Security Champion course provides engineers with practical hands-on knowledge to help them in building more secure web applications. Students will learn to develop trustworthy web applications while avoiding common security pitfalls, using best practices and industry frameworks.

Download Brochure Download Brochure

Training Schedule

Please contact for more details


Self-paced Learning Mode
Browser-based Lab Access
24/7 Instructor Support via Mattermost

Course Objective

  • Building solid foundations that are required to understand the application security landscape
  • Building foundational knowledge required to work with infrastructure security
  • Understanding the wide range of skills and abilities that are required to be a security champion
  • Embedding security while creating, running, and maintaining modern applications
  • Gaining abilities to apply practical application security skills in a real-world environment
  • Gaining skills and knowledge to liaise with security and other departments to make everyone responsible for the security
  • Gaining analytical abilities to observe and advise various security controls, and solutions to secure DevOps
  • Understanding the fundamentals of assessing and managing risks

Course Agenda

Module 1: AppSec Basics

  1. Introduction to Application Security
  2. HTTP Security Basics
  3. Introduction to Burp Suite
  4. OWASP Top 10 Basics

Module 2: Secure Code Review

  1. What is Secure Code Review?
  2. How to approach Secure code review
  3. Tools of the trade
  4. Reviewing the code from a security perspective

Module 3: Primer on Risk Management

  1. Introduction to Risk management
  2. Risk Assessment
  3. Risk Calculation
  4. Risk Treatment
  5. Plan, design, and implement a risk-management process
  6. Understand the current threat landscape
  7. Continuously improve security systems to reduce risk exposure
  8. Ensure business continuity while reducing the risks to the organization

Module 4: Threat Modeling

  1. What is Threat Modelling?
  2. Risk Management vs. Threat modelling
  3. STRIDE vs. DREAD approaches
  4. Threat Modeling Process and its challenges
  5. Classical Threat modeling tools and how they fit in CI/CD pipeline

Module 5: DevSecOps Basics

  1. DevOps Building Blocks – People, Process, and Technology
  2. DevOps Principles – Culture, Automation, Measurement and Sharing (CAMS)
  3. Benefits of DevOps – Speed, Reliability, Availability, Scalability, Automation, Cost, and Visibility
  4. Overview of the DevSecOps critical toolchain
  5. Common Challenges faced when using the DevOps principles
  6. Secure SDLC

Module 6: Infrastructure as Code and Its Security

  1. Infrastructure as Code and its benefits
  2. Platform + Infrastructure Definition + Configuration Management
  3. Introduction to Ansible
  4. Benefits of Ansible
  5. Push and Pull based configuration management systems
  6. Modules, tasks, roles, and Playbooks
  7. Tools and Services that help to achieve IaC

Module 7: Agile Communications, Collaboration, and Soft Skills

  1. The need for Agile communication and collaboration
  2. How to handle conflicting priorities among teams
  3. How to work security teams to find common ground
  4. Holding people accountable for security
  5. Staying empathetic and assertive
  6. Plan, design, and implement processes to resolve any issues among the teams

Exam & Certification

  1. After completing the course, you can schedule the CSC exam on your preferred date.
  2. Process of achieving Practical DevSecOps CSC Certification can be found here.


Are there any pre-requisites for this course?

  1. Foundational knowledge of software development life cycle
  2. Understanding of developing or testing web applications

How do I need to take the exam?

TaUB Solutions will request the examinations together with your registration. The exam should be taken at the end of the course. Results are available within 5 working days.

Enroll Now

The session was delivered effectively. It was very interactive with on the job examples. I learned a lot and plan to implement them. Thanks Suresh GP for such a wonderful session.

Sheethal Sudheer BRMPBRM, Business Owner DevSecOps tools, Digital Transformation, Process Management

It was a very interactive session with a lot of real life examples. Very good and informative session by
Suresh GP

Vijaykumar TCVice President - Citi Technology Infrastructure

The CBRM training offered through TaUB Solutions is an excellent course. I first heard Suresh speak a few years back at the BRMConnect conference and taking this course solidified my opinion and respect of Suresh’s vast knowledge of BRM discipline

Michelle Day, CBRM®Director, Business Relationship Management

The training was absolutely fantastic, Extremely valuable.
It changes the way we look at SRE. Suresh was BEST instructor you could ask for, more importantly,
he was helping with real world problems based on his experiences.

Praveen PatilSenior Engineering Manager at Lowe's Companies, Inc.