{"id":31279,"date":"2022-09-17T03:24:31","date_gmt":"2022-09-17T03:24:31","guid":{"rendered":"https:\/\/www.devopsschool.com\/blog\/?p=31279"},"modified":"2022-12-23T05:47:18","modified_gmt":"2022-12-23T05:47:18","slug":"devsecops-certified-professional-dsocp-curriculum","status":"publish","type":"post","link":"https:\/\/www.devopsschool.com\/blog\/devsecops-certified-professional-dsocp-curriculum\/","title":{"rendered":"DevSecOps Certified Professional (DSOCP) Curriculum"},"content":{"rendered":"\n<figure class=\"wp-block-table is-style-regular has-medium-font-size\"><table><thead><tr><th class=\"has-text-align-center\" data-align=\"center\">#<\/th><th>SDLC Problems<\/th><th>Solution<\/th><\/tr><\/thead><tbody><tr><td class=\"has-text-align-center\" data-align=\"center\">1<\/td><td> SDLC Models &amp; Architecture with Agile, DevOps, SRE &amp; DevSecOps, SOA &amp; Micro services<\/td><td> Concept<\/td><\/tr><tr><td class=\"has-text-align-center\" data-align=\"center\">2<\/td><td> Platform &#8211; Operating Systems<\/td><td>Centos\/Ubuntu &amp; VirtualBox &amp; Vagrant<\/td><\/tr><tr><td class=\"has-text-align-center\" data-align=\"center\">3<\/td><td> Platform &#8211; Cloud<\/td><td> AWS<\/td><\/tr><tr><td class=\"has-text-align-center\" data-align=\"center\">4<\/td><td> Platform &#8211; Containers<\/td><td>Docker<\/td><\/tr><tr><td class=\"has-text-align-center\" data-align=\"center\">5<\/td><td> Planning and Designing<\/td><td> Jira &amp; Confulence<\/td><\/tr><tr><td class=\"has-text-align-center\" data-align=\"center\">6<\/td><td> Backend Programming Language<\/td><td> App Dev with Python\/Flask with mysql DB<\/td><\/tr><tr><td class=\"has-text-align-center\" data-align=\"center\">7<\/td><td> Source Code Versioning<\/td><td> Git using Github<\/td><\/tr><tr><td class=\"has-text-align-center\" data-align=\"center\">8<\/td><td> Code Analysis &amp; Securing Code (SAST)<\/td><td> SonarQube &amp; Coverity Scan &amp; Snyk<\/td><\/tr><tr><td class=\"has-text-align-center\" data-align=\"center\">9<\/td><td> Build Management<\/td><td> Maven and Gradle<\/td><\/tr><tr><td class=\"has-text-align-center\" data-align=\"center\">10<\/td><td> Package Management<\/td><td> Packer &amp; Artifactory<\/td><\/tr><tr><td class=\"has-text-align-center\" data-align=\"center\">11<\/td><td> Unit Testing &amp; Acceptance Testing &amp; Coverage<\/td><td> Junit &amp; Selenium &amp; Jacoco &amp; Jmeter<\/td><\/tr><tr><td class=\"has-text-align-center\" data-align=\"center\">12<\/td><td> Configuration &amp; Deployment Management<\/td><td> Ansible<\/td><\/tr><tr><td class=\"has-text-align-center\" data-align=\"center\">13<\/td><td> Container Orchestration <\/td><td> Kubernetes &amp; Helm Introduction<\/td><\/tr><tr><td class=\"has-text-align-center\" data-align=\"center\">14<\/td><td> Infrastructure Coding<\/td><td> Terraform<\/td><\/tr><tr><td class=\"has-text-align-center\" data-align=\"center\">15<\/td><td> Continuous Integration<\/td><td> Jenkins<\/td><\/tr><tr><td class=\"has-text-align-center\" data-align=\"center\">16<\/td><td> Infrastructure Monitoring Tool<\/td><td> Datadog<\/td><\/tr><tr><td class=\"has-text-align-center\" data-align=\"center\">17<\/td><td> Log Monitoring Tool<\/td><td> Splunk<\/td><\/tr><tr><td class=\"has-text-align-center\" data-align=\"center\">18<\/td><td> Application Performance Monitoring<\/td><td> NewRelic<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n<figure class=\"wp-block-table\"><table><thead><tr><th class=\"has-text-align-center\" data-align=\"center\">#<\/th><th>Security Problems<\/th><th>Solution<\/th><\/tr><\/thead><tbody><tr><td class=\"has-text-align-center\" data-align=\"center\">18<\/td><td> Threat Model &amp; Tools<\/td><td> STRIDE \/ PASTA \/ VAST &amp; Microsoft Threat Modeling Tool \/ OWASP Threat Dragon<\/td><\/tr><tr><td class=\"has-text-align-center\" data-align=\"center\">19<\/td><td> Dynamic Application Security Testing (DAST)<\/td><td> OWASP ZAP (Zed Attack Proxy) \/ Skipfish \/ Nmap \/ OpenVAS by Greenbone \/ Fortify WebInspect<\/td><\/tr><tr><td class=\"has-text-align-center\" data-align=\"center\">20<\/td><td> Software Composition Analysis (SCA)<\/td><td> OWASP Dependency Check \/ Jfrog Xray<\/td><\/tr><tr><td class=\"has-text-align-center\" data-align=\"center\">21<\/td><td> Runtime application self-protection &amp; Containers (RASP)<\/td><td> Falco \/ Notary \/ The Update Framework (TUF) \/ Nikto<\/td><\/tr><tr><td class=\"has-text-align-center\" data-align=\"center\">22<\/td><td> Web Application Firewall (WAF)<\/td><td> AWS WAF \/ Azure Web Application Firewall \/ Cloudflare Web Application Firewall (WAF)<\/td><\/tr><tr><td class=\"has-text-align-center\" data-align=\"center\">23<\/td><td> Securing Credentials<\/td><td> HashiCorp Vault &amp; AWS Secrets Manager, Azure key vault, AWS KMS, Kubernetes Secrets<\/td><\/tr><tr><td class=\"has-text-align-center\" data-align=\"center\">24<\/td><td> Policy-based control for cloud native environments<\/td><td> Open Policy Agent (OPA)<\/td><\/tr><tr><td class=\"has-text-align-center\" data-align=\"center\">25<\/td><td> Cloud Security service &amp; Practices<\/td><td> Cloud Security with AWS &amp; Azure service<\/td><\/tr><tr><td class=\"has-text-align-center\" data-align=\"center\">26<\/td><td>Security Information and Event Management SIEM<\/td><td> Splunk SIEM<\/td><\/tr><tr><td class=\"has-text-align-center\" data-align=\"center\"><\/td><td><\/td><td><\/td><\/tr><\/tbody><\/table><\/figure>\n","protected":false},"excerpt":{"rendered":"<p># SDLC Problems Solution 1 SDLC Models &amp; Architecture with Agile, DevOps, SRE &amp; DevSecOps, SOA &amp; Micro services Concept 2 Platform &#8211; Operating Systems Centos\/Ubuntu &amp; VirtualBox &amp; Vagrant&#8230; <\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_joinchat":[],"footnotes":""},"categories":[2],"tags":[],"class_list":["post-31279","post","type-post","status-publish","format-standard","hentry","category-uncategorised"],"_links":{"self":[{"href":"https:\/\/www.devopsschool.com\/blog\/wp-json\/wp\/v2\/posts\/31279","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.devopsschool.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.devopsschool.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.devopsschool.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.devopsschool.com\/blog\/wp-json\/wp\/v2\/comments?post=31279"}],"version-history":[{"count":2,"href":"https:\/\/www.devopsschool.com\/blog\/wp-json\/wp\/v2\/posts\/31279\/revisions"}],"predecessor-version":[{"id":31281,"href":"https:\/\/www.devopsschool.com\/blog\/wp-json\/wp\/v2\/posts\/31279\/revisions\/31281"}],"wp:attachment":[{"href":"https:\/\/www.devopsschool.com\/blog\/wp-json\/wp\/v2\/media?parent=31279"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.devopsschool.com\/blog\/wp-json\/wp\/v2\/categories?post=31279"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.devopsschool.com\/blog\/wp-json\/wp\/v2\/tags?post=31279"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}