DevSecOps Certified Professional Online Training

• Let’s Understand about Software Development Model
• Overview of Waterfall Development Model
• Challenges of Waterfall Development Model
• Overview of Agile Development Model
• Challenges of Agile Development Model
• Requirement of New Software Development Model
• Understanding an existing Pain and Waste in Current Software Development Model
• What is DevOps?
• Transition in Software development model
• Waterfall -> Agile -> CI/CD -> DevOps -> DevSecOps
• Understand DevOps values and principles
• Culture and organizational considerations
• Communication and collaboration practices
• Improve your effectiveness and productivity
• DevOps Automation practices and technology considerations
• DevOps Adoption considerations in an enterprise environment
• Challenges, risks and critical success factors
• What is DevSecOps?
• Let’s Understand DevSecOps Practices and Toolsets.

• What is SRE?
• Let’s Understand SRE Practices and Toolsets.
• List of Tools to become Full Stack Developer/QA/SRE/DevOps/DevSecOps
• Microservices Fundamentals
• Microservices Patterns
• Choreographing Services
• Presentation components
• Business Logic
• Database access logic
• Application Integration
• Modelling Microservices
• Integrating multiple Microservices
• Keeping it simple
• Avoiding Breaking Changes
• Choosing the right protocols
• Sync & Async
• Dealing with legacy systems
• Testing
• What and When to test
• Preparing for deployment
• Monitoring Microservice Performance
• Tools used for Microservices Demo using container

Ubuntu

• Installing CentOS7 and Ubuntu
• Accessing Servers with SSH
• Working at the Command Line
• Reading Files
• Using the vi Text Editor
• Piping and Redirection
• Archiving Files
• Accessing Command Line Help
• Understanding File Permissions
• Accessing the Root Account
• Using Screen and Script
• Overview of Hypervisor
• Introduction of VirtualBox
• Install VirtualBox and Creating CentOS7 and Ubuntu Vms

Vagrant

• Understanding Vagrant
• Basic Vagrant Workflow
• Advance Vagrant Workflow
• Working with Vagrant VMs
• The Vagrantfile
• Installing Nginx
• Provisioning
• Networking
• Sharing and Versioning Web Site Files
• Vagrant Share
• Vagrant Status
• Sharing and Versioning Nginx Config Files
• Configuring Synced Folders

• Planning - Discuss some of the Small Project Requirement which include
• Login/Registertration with Some Students records CRUD operations.
• Design a Method --> Classes -> Interface using Core Python
• Fundamental of Core Python with Hello-world Program with Method --> Classes
• Coding in Flask using HTMl - CSS - JS - MySql
• Fundamental of Flask Tutorial of Hello-World APP
• UT - 2 Sample unit Testing using Pythontest
• Package a Python App
• AT - 2 Sample unit Testing using Selenium

Technology Demonstration

• Software Planning and Designing using JAVA
• Core Python
• Flask
• mySql
• pytest
• Selenium
• HTMl
• CSS
• Js.

• Introduction of Git
• Installing Git
• Configuring Git
• Git Concepts and Architecture
• How Git works?
• The Git workflow
• Working with Files in Git
• Adding files
• Editing files
• Viewing changes with diff
• Viewing only staged changes
• Deleting files
• Moving and renaming files
• Making Changes to Files

• Undoing Changes
• - Reset
• - Revert
• Amending commits
• Ignoring Files
• Branching and Merging using Git
• Working with Conflict Resolution
• Comparing commits, branches and workspace
• Working with Remote Git repo using Github
• Push - Pull - Fetch using Github
• Tagging with Git

• What is SonarQube?
• Benefits of SonarQube?
• Alternative of SonarQube
• Understanding Various License of SonarQube
• Architecture of SonarQube
• How SonarQube works?
• Components of SonarQube
• SonarQube runtime requirements
• Installing and configuring SonarQube in Linux
• Basic Workflow in SonarQube using Command line
• Working with Issues in SonarQube

• Working with Rules in SonarQube
• Working with Quality Profiles in SonarQube
• Working with Quality Gates in SonarQube
• Deep Dive into SonarQube Dashboard
• Understanding Seven Axis of SonarQube Quality
• Workflow in SonarQube with Maven Project
• Workflow in SonarQube with Gradle Project
• OWASP Top 10 with SonarQube

Maven

• Introduction to Apache Maven
• Advantage of Apache Maven over other build tools
• Understanding the Maven Lifecycle and Phase
• Understanding the Maven Goals
• Understanding the Maven Plugins
• Understanding the Maven Repository
• Understanding and Maven Release and Version
• Prerequisite and Installing Apache Maven
• Understanding and using Maven Archetypes
• Understanding Pom.xml and Setting.xml
• Playing with multiples Maven Goals
• Introducing Maven Dependencies
• Introducing Maven Properties
• Introducing Maven Modules
• Introducing Maven Profile
• Introducing Maven Plugins
• How can Maven benefit my development process?
• How do I setup Maven?
• How do I make my first Maven project?
• How do I compile my application sources?
• How do I compile my test sources and run my unit tests?
• How do I create a JAR and install it in my local repository?
• How do I use plugins?
• How do I add resources to my JAR?
• How do I filter resource files?
• How do I use external dependencies?
• How do I deploy my jar in my remote repository?
• How do I create documentation?
• How do I build other types of projects?
• How do I build more than one project at once?

Gradle

• What is Gradle?
• Why Gradle?
• Installing and Configuring Gradle
• Build Java Project with Gradle
• Build C++ Project with Gradle
• Build Python Project with Gradle
• Dependency Management in Gradle
• Project Structure in Gradle
• Gradle Tasks
• Gradle Profile and Cloud
• Gradle Properties
• Gradle Plugins

Artifactory

• Artifactory
• Artifactory Overview
• Understanding a role of Artifactory in DevOps
• System Requirements
• Installing Artifactory in Linux
• Using Artifactory
• Getting Started
• General Information
• Artifactory Terminology
• Artifactory Repository Types
• Artifactory Authentication
• Deploying Artifacts using Maven
• Download Artifacts using Maven
• Browsing Artifactory
• Viewing Packages
• Searching for Artifacts
• Manipulating Artifacts

Packer

• Packer
• Getting to Know Packer
• What is Packer?
• Save What is Packer?
• Installing Packer
• Save Installing Packer
• The Packer workflow and components
• Save The Packer workflow and components
• The Packer CLI
• Save The Packer CLI
• Baking a Website Image for EC2
• Select an AWS AMI base
• Save Select an AWS AMI base
• Automate AWS AMI base build
• Save Automate AWS AMI base build
• Using build variables
• Save Using build variables
• Provision Hello World
• Save Provision Hello World
• Provision a basic site
• Save Provision a basic site
• Customization with a Config Management Tool
• Simplify provisioning with a config tool
• Save Simplify provisioning with a config tool
• Use ansible to install the webserver
• Save Use ansible to install the webserver
• Debugging
• Save Debugging
• Building Hardened Images
• Use Ansible modules to harden our image
• Save Use Ansible modules to harden our image
• Baking a Jenkins image
• Save Baking a Jenkins image
• Building a Pipeline for Packer Image
• Validate Packer templates
• Save Validate Packer templates
• Create a manifest profile
• Save Create a manifest profile
• Testing
• Save Testing
• CI pipeline
• Save CI pipeline

Junit

• - What is Unit Testing?
• - Tools for Unit Testing
• - What is Junit?
• - How to configure Junit?
• - Writing Basic Junit Test cases
• - Running Basic Junit Test cases
• - Junit Test Results

Selenium

• - Selenium IDE
• - Selenium Web driver
• - Selenium Grid

Jacoco

• Overview of Code coverage process
• Introduction of Jacoco
• How Jacoco works!
• How to install Jaoco?
• Setup testing Environment with Jacoco
• Create test data files using Jacoco and Maven
• Create a Report using Jacoco
• Demo - Complete workflow of Jacoco with Maven and Java Project

• Overflow of Configuration Management
• Introduction of Ansible
• Ansible Architecture
• Let’s get startted with Ansible
• Ansible Authentication & Authorization
• Let’s start with Ansible Adhoc commands
• Let’s write Ansible Inventory

• Let’s write Ansible Playbook
• Working with Popular Modules in Ansible
• Deep Dive into Ansible Playbooks
• Working with Ansible Variables
• Working with Ansible Template
• Working with Ansible Handlers
• Roles in Ansible
• Ansible Galaxy

• Understanding the Need of Kubernetes
• Understanding Kubernetes Architecture
• Understanding Kubernetes Concepts
• Kubernetes and Microservices
• Understanding Kubernetes Masters and its Component
• kube-apiserver
• etcd
• kube-scheduler
• kube-controller-manager
• Understanding Kubernetes Nodes and its Component
• kubelet
• kube-proxy
• Container Runtime
• Understanding Kubernetes Addons
• DNS
• Web UI (Dashboard)
• Container Resource Monitoring
• Cluster-level Logging

• Understand Kubernetes Terminology
• Kubernetes Pod Overview
• Kubernetes Replication Controller Overview
• Kubernetes Deployment Overview
• Kubernetes Service Overview
• Understanding Kubernetes running environment options
• Working with first Pods
• Working with first Replication Controller
• Working with first Deployment
• Working with first Services
• Introducing Helm
• Basic working with Helm

• Deploying Your First Terraform Configuration
• Introduction
• What's the Scenario?
• Terraform Components
• Updating Your Configuration with More Resources
• Introduction
• Terraform State and Update
• What's the Scenario?
• Data Type and Security Groups
• Configuring Resources After Creation
• Introduction
• What's the Scenario?
• Terraform Provisioners
• Terraform Syntax

• Adding a New Provider to Your Configuration
• Introduction
• What's the Scenario?
• Terraform Providers
• Terraform Functions
• Intro and Variable
• Resource Creation
• Deployment and Terraform Console
• Updated Deployment and Terraform Commands

• Lets understand Continuous Integration
• What is Continuous Integration
• Benefits of Continuous Integration
• What is Continuous Delivery
• What is Continuous Deployment
• Continuous Integration Tools


• What is Jenkins
• History of Jenkins
• Jenkins Architecture
• Jenkins Vs Jenkins Enterprise
• Jenkins Installation and Configurations


• Jenkins Dashboard Tour
• Understand Freestyle Project
• Freestyle General Tab
• Freestyle Source Code Management Tab
• Freestyle Build Triggers Tab
• Freestyle Build Environment
• Freestyle Build
• Freestyle Post-build Actions
• Manage Jenkins
• My Views
• Credentials
• People
• Build History


• Creating a Simple Job
• Simple Java and Maven Based Application
• Simple Java and Gradle Based Application
• Simple DOTNET and MSBuild Based Application


• Jobs Scheduling in Jenkins
• Manually Building
• Build Trigger based on fixed schedule
• Build Trigger by script
• Build Trigger Based on pushed to git
• Useful Jobs Configuration
• Jenkins Jobs parameterised
• Execute concurrent builds
• Jobs Executors
• Build Other Projects
• Build after other projects are built
• Throttle Builds


• Jenkins Plugins
• Installing a Plugin
• Plugin Configuration
• Updating a Plugin
• Plugin Wiki
• Top 20 Useful Jenkins Plugins
• Using Jenkins Pluginss Best Practices

• Jenkins Node Managment
• Adding a Linux Node
• Adding a Windows Nodes
• Nodes Management using Jenkins
• Jenkins Nodes High Availability


• Jenkins Integration with other tools
• Jira
• Git
• SonarQube
• Maven
• Junit
• Ansible
• Docker
• AWS
• Jacoco
• Coverity
• Selenium
• Gradle


• Reports in Jenkins
• Junit Report
• SonarQube Reports
• Jacoco Reports
• Coverity Reports
• Selenium Reports
• Test Results
• Cucumber Reports


• Jenkins Node Managment
• Adding a Linux Node
• Adding a Windows Nodes
• Nodes Management using Jenkins
• Jenkins Nodes High Availability


• Notification & Feedback in Jenkins
• CI Build Pipeline & Dashboard
• Email Notification
• Advance Email Notification
• Slack Notification


• Jenkins Advance - Administrator
• Security in Jenkins
• Authorization in Jenkins
• Authentication in Jenkins
• Managing folder/subfolder
• Jenkins Upgrade
• Jenkins Backup
• Jenkins Restore
• Jenkins Command Line

• Getting started
• Integrations
• Infrastructure
• Host Map
• Events
• Dashboards


• Datadog Tagging
• Assigning Tags
• Using Tags


• Agent
• Datadog Agent Usage
• Datadog Agent Docker
• Datadog Agent Kubernetes
• Datadog Agent Cluster Agent
• Datadog Agent Log Collection
• Datadog Agent Proxy
• Datadog Agent Versions
• Datadog Agent Troubleshooting

• Datadog Integrations
• Apache
• Tomcat
• AWS
• MySql


• Datadog Metrics
• Metrics Introduction
• Metrics Explorer
• Metrics Summary


• Datadog Graphing
• Dashboards
• Metrics


• Datadog Alerting
• Monitors
• Manage Monitors
• Monitor Status

• What Is Splunk?
• Overview
• Machine Data
• Splunk Architecture
• Careers in Splunk


• Setting up the Splunk Environment
• Overview
• Splunk Licensing
• Getting Splunk
• Installing Splunk
• Adding Data to Splunk


• Basic Searching Techniques
• Adding More Data
• Search in Splunk
• Demo: Splunk Search
• Splunk Search Commands
• Splunk Processing Langauge
• Splunk Reports
• Reporting in Splunk
• Splunk Alerts
• Alerts in Splunk


• Enterprise Splunk Architecture
• Overview
• Forwarders
• Enterprise Splunk Architecture
• Installing Forwarders
• Installing Forwarders
• Troubleshooting Forwarder Installation

• Splunking for DevOps and Security
• Splunk in DevOps
• DevOps Demo
• Splunk in Security
• Enterprise Use Cases
• Application Development in Splunkbase
• What Is Splunkbase?


• Navigating the Splunkbase
• Creating Apps for Splunk
• Benefits of Building in Splunkbase
• Splunking on Hadoop with Hunk
• What Is Hadoop?
• Running HDFS Commands
• What Is Hunk?
• Installing Hunk
• Moving Data from HDFS to Hunk
• Composing Advanced Searches
• Splunk Searching


• Introduction to Advanced Searching
• Eval and Fillnull Commands
• Other Splunk Command Usage
• Filter Those Results!
• The Search Job Inspector
• Creating Search Macros
• What Are Search Macros?
• Using Search Macros within Splunk
• Macro Command Options and Arguments
• Other Advanced Searching within Splunk

• Introduction and Overview of NewRelic
• What is Application Performance Management?
• Understanding a need of APM
• Understanding transaction traces
• What is Application Performance?
• APM Benefits
• APM Selection Criteria
• Why NewRelic is best for APM?
• What is NewRelic APM?
• How does NewRelic APM work?
• NewRelic Architecture
• NewRelic Terminology
• Installing and Configuring NewRelic APM Agents for Application
• Register a Newrelic Trial account
• Installing a JAVA Agent to Monitor your Java Application
• Installing a PHP Agent to Monitor your PHP Application
• Installing New Relic Agent for .NET Framework Application
• Installing a Docker based Agent to Monitor your Docker based Application
• Understanding of NewRelic Configration settings of newrelic.yml
• Understanding of NewRelic Agent Configration settings
• Working with NewRelic Dashboard
• Understanding a transactions
• Understanding Apdex and Calculating and Setting Apdex Threshold
• Understanding Circuit break
• Understanding Throughput
• Newrelic default graphs
• Understanding and Configuring Service Maps
• Understanding and Configuring JVM
• Understanding Error Analytics
• Understanding Violations
• Understanding and Configuring Deployments
• Understanding and Configuring Thread Profiler
• Depp Dive into Transaction Traces
• Profiling with New Relic

• Creating and managing Alerts
• Working with Incidents
• Sending NewRelic Alerts to Slack
• Assessing the quality of application deployments
• Monitoring using Newrelic
• View your applications index
• APM Overview page
• New Relic APM data in Infrastructure
• Transactions page
• Databases and slow queries
• Viewing slow query details
• External services page
• Agent-specific UI
• Viewing the transaction map


• Deep Dive into Newrelic Advance
• Newrelic transaction alerts
• Configure abnd Troubleshoot and Cross Application Traces
• NewRelic Service Level Agreements
• Troubleshooting NewRelic
• Understanding and Configuring NewRelic X-Ray Sessions
• Deep Dive into NewRelic Agent Configuration
• Adding Custom Data with the APM Agent
• Extending Newrelic using Plugins
• Finding and Fixing Application Performance Issues with New Relic APM
• Setting up database montioring using Newrelic APM
• Setting up and Configuring Newrelic Alerts


• Working with NewRelic Performance Reports
• Availability report
• Background jobs analysis report
• Capacity analysis report
• Database analysis report
• Host usage report
• Scalability analysis report
• Web transactions analysis report
• Weekly performance report

STRIDE:

• STRIDE is a threat modeling methodology developed by Microsoft that identifies six types of threats: Spoofing, Tampering, Repudiation, Information Disclosure, Denial of Service, and Elevation of Privilege.
• The STRIDE approach involves analyzing each component of a system to identify potential threats and vulnerabilities, and then determining appropriate countermeasures to mitigate these risks.

PASTA:

• PASTA is a Process for Attack Simulation and Threat Analysis that is based on the concept of "attacker thinking".
• The PASTA approach involves identifying potential attackers and their motivations, analyzing potential attack paths, and identifying countermeasures to mitigate these risks.
• PASTA is a comprehensive methodology that considers both technical and non-technical factors in the threat modeling process.

VAST:

• VAST is a Visual, Agile, and Simple Threat modeling methodology that is designed to be accessible to both technical and non-technical stakeholders.
• The VAST approach involves creating visual models of the system and its components, and then identifying potential threats and vulnerabilities through a series of brainstorming sessions.
• VAST is designed to be flexible and adaptable, and can be used in a variety of development methodologies.

Microsoft Threat Modeling Tool:

• The Microsoft Threat Modeling Tool is a free tool that helps organizations identify potential threats and vulnerabilities in their software systems.
• The tool uses the STRIDE methodology and allows users to create data flow diagrams of their systems, which can then be analyzed for potential threats and vulnerabilities.
• The Microsoft Threat Modeling Tool provides a comprehensive set of reports and analysis tools, allowing users to prioritize and address potential risks.

OWASP Threat Dragon:

• OWASP Threat Dragon is an open-source tool that helps organizations identify potential threats and vulnerabilities in their software systems.
• The tool uses a data flow diagram approach to threat modeling, allowing users to create visual models of their systems and identify potential attack paths.
• OWASP Threat Dragon provides a comprehensive set of reports and analysis tools, and is designed to integrate with other development tools and methodologies.

OWASP ZAP (Zed Attack Proxy):

• OWASP ZAP is a free, open-source DAST tool that can be used to identify vulnerabilities in web applications.
• ZAP can be used to perform a variety of tests, including active scanning, passive scanning, and fuzz testing.
• The tool provides a user-friendly interface and can be integrated with other testing tools and frameworks.

Skipfish:

• Skipfish is a free, open-source DAST tool that can be used to identify vulnerabilities in web applications.
• Skipfish is designed to be fast and efficient, making it a good choice for testing large, complex web applications.
• The tool can be run in parallel, allowing it to perform tests on multiple web applications simultaneously.

Nmap:

• Nmap is a free, open-source network scanning tool that can be used to identify open ports and services on a network.
• Nmap can also be used to identify potential vulnerabilities in web applications and other network services.
• The tool provides a variety of scanning options, including stealth scanning and operating system fingerprinting.

OpenVAS:

• OpenVAS is a free, open-source vulnerability scanner that can be used to identify vulnerabilities in web applications and other network services.
• The tool provides a comprehensive set of tests, including active scanning, passive scanning, and vulnerability analysis.
• OpenVAS also provides a variety of reporting options, including detailed reports and risk assessments.

Fortify WebInspect:

• Fortify WebInspect is a commercial DAST tool that can be used to identify vulnerabilities in web applications.
• The tool provides a comprehensive set of tests, including active scanning, passive scanning, and fuzz testing.
• Fortify WebInspect also provides a variety of reporting options, including detailed reports and risk assessments.

Network Configurations:

• Consul provides a central service registry that keeps track of all the services in the infrastructure.
• Each microservice in the infrastructure registers itself with Consul, providing information like its IP address, port, and health status.
• Consul also supports multiple datacenters, allowing for the deployment of services across different regions or availability zones.
• Consul provides a DNS interface that can be used to discover services in the infrastructure. Applications can use this interface to resolve service names to IP addresses and connect to the appropriate service.

Service Discovery:

• Consul provides a service discovery mechanism that enables microservices to discover and communicate with each other.
• Consul supports different service discovery methods, including DNS, HTTP, and gRPC.
• Consul can perform health checks on the services in the infrastructure to ensure that they are functioning properly. If a service fails a health check, it is removed from the service registry until it is healthy again.
• Consul also supports service segmentation, allowing services to be grouped into logical subsets based on tags or other attributes. This enables more fine-grained control over service discovery and traffic routing.

Falco

• Securuing Containers (RASP)- Twistkock
• Falco Components
• Userspace program
• Falco Configuration
• Privilege escalation using privileged containers
• Namespace changes using tools like setns
• Read/Writes to well-known directories such as /etc, /usr/bin, /usr/sbin
• Creating symlinks
• Ownership and Mode changes
• Unexpected network connections or socket mutations
• Securuing Containers (RASP)- Falco
• Spawned processes using execve
• Falco drivers
• Falco userspace program
• Executing shell binaries such as sh, bash, csh, zsh, etc
• Executing SSH binaries such as ssh, scp, sftp, etc
• Mutating Linux coreutils executables
• Mutating login binaries
• Mutating shadowutil or passwd executables

Notary

• What is CNCF Notary
• Why CNCF Notary?
• What is The Update Framework (TUF)?
• Understand the Notary service architecture
• Brief overview of TUF keys and roles
• Architecture and components
• Example client-server-signer interaction
• Threat model
• Notary server compromise
• Notary signer compromise
• Notary client keys and credentials compromise
• Run a Notary service
• Notary configuration files

• Introduction to Web Application Firewall (WAF) and its importance in securing web applications.
• Overview of AWS WAF, Azure Web Application Firewall, and Cloudflare Web Application Firewall as popular WAF solutions in the market.
• Understanding the architecture and key features of each WAF solution.
• Deep-dive into each WAF solution, including installation, configuration, and usage.
• Demo of each WAF solution, including a walk-through of its user interface and workflow.
• Understanding WAF rules and how to create and customize them for specific use cases in each WAF solution.
• Best practices for using each WAF solution to protect web applications, including how to interpret and act on its findings.
• Integration of each WAF solution with other cloud services and development tools.

• Common issues and limitations of WAF solutions like AWS WAF, Azure Web Application Firewall, and Cloudflare Web Application Firewall and how to mitigate them.
• Real-world examples of how each WAF solution has helped organizations improve their web application security.
• Comparison between AWS WAF, Azure Web Application Firewall, and Cloudflare Web Application Firewall in terms of features, capabilities, and pricing.
• Future developments in WAF solutions and WAF in general.
• Q&A session to answer any remaining questions or concerns about AWS WAF, Azure Web Application Firewall, Cloudflare Web Application Firewall, WAF, or web application security in general.

• Introduction to securing credentials and why it is important in today's security landscape.
• Overview of HashiCorp Vault, AWS Secrets Manager, Azure Key Vault, AWS KMS, and Kubernetes Secrets as popular solutions for securing credentials.
• Understanding the architecture and key features of each solution.
• Deep-dive into each solution, including installation, configuration, and usage.
• Demo of each solution, including a walk-through of its user interface and workflow.
• Understanding the types of credentials that can be secured using each solution.
• Best practices for using each solution to secure credentials, including how to interpret and act on its findings.
• Integration of each solution with other cloud services and development tools.

• Common issues and limitations of each solution and how to mitigate them.
• Real-world examples of how each solution has helped organizations improve their credential security.
• Comparison between HashiCorp Vault, AWS Secrets Manager, Azure Key Vault, AWS KMS, and Kubernetes Secrets in terms of features, capabilities, and pricing.
• Future developments in securing credentials and the solutions that support them.
• Q&A session to answer any remaining questions or concerns about securing credentials using HashiCorp Vault, AWS Secrets Manager, Azure Key Vault, AWS KMS, Kubernetes Secrets, or credential security in general.

• Introduction to policy-based control and its importance in cloud native environments.
• Overview of Open Policy Agent (OPA) as a popular open-source policy engine for cloud native environments.
• Understanding the architecture and key features of OPA, including the Rego policy language.
• Deep-dive into OPA, including installation, configuration, and usage.
• Demo of OPA, including a walk-through of its user interface and workflow.
• Understanding how policies can be defined in OPA using the Rego policy language, and how they can be enforced in cloud native environments.
• Best practices for defining policies in OPA to ensure proper control and compliance.
• Integrating OPA with cloud native technologies, such as Kubernetes, Istio, and Envoy, to enforce policies.

• Leveraging OPA to ensure compliance with industry standards and regulations, such as CIS benchmarks and GDPR.
• Monitoring and auditing policy compliance using OPA.
• Common issues and limitations of OPA and how to mitigate them.
• Real-world examples of how OPA has helped organizations improve their policy-based control in cloud native environments.
• Future developments in policy-based control and OPA, including the potential for machine learning and AI-based policy enforcement.
• Comparison between OPA and other policy engines in terms of features, capabilities, and pricing.
• Q&A session to answer any remaining questions or concerns about policy-based control for cloud native environments using Open Policy Agent.

• Introduction to cloud security and the shared responsibility model for cloud security.
• Overview of AWS security services, such as AWS Identity and Access Management (IAM), AWS Key Management Service (KMS), and AWS Security Hub.
• Best practices for securing AWS resources, including configuring network security, managing access control, and securing data.
• Understanding AWS compliance and regulatory requirements, such as HIPAA and PCI DSS.
• Overview of Azure security services, such as Azure Active Directory (AD), Azure Security Center, and Azure Key Vault.
• Best practices for securing Azure resources, including configuring network security, managing access control, and securing data.
• Understanding Azure compliance and regulatory requirements, such as GDPR and ISO 27001.

• Comparing and contrasting AWS and Azure security services and practices.
• Cloud security automation with tools like AWS CloudFormation and Azure Resource Manager.
• Container security best practices with AWS Elastic Container Service (ECS) and Azure Kubernetes Service (AKS).
• DevSecOps practices and tooling for cloud security.
• Real-world examples of how organizations have successfully implemented cloud security practices with AWS and Azure.
• Future trends and developments in cloud security.
• Q&A session to answer any remaining questions or concerns about cloud security with AWS and Azure.

• Introduction to SIEM and its role in security operations.
• Overview of Splunk SIEM, its architecture, and its components.
• Data ingestion and management in Splunk SIEM, including configuring data sources and handling data volume and retention.
• Creating and managing dashboards, reports, and alerts in Splunk SIEM.
• Splunk SIEM search language and syntax, including basic and advanced search commands.
• Using Splunk Enterprise Security (ES) to manage and analyze security events and incidents.

• Integrating third-party security tools and platforms with Splunk SIEM.
• Best practices for deploying and scaling Splunk SIEM in enterprise environments.
• Splunk SIEM use cases and real-world examples of how organizations have successfully implemented it for security operations.
• Future trends and developments in SIEM and Splunk SIEM.
• Q&A session to answer any remaining questions or concerns about Splunk SIEM and SIEM in general.