18 Apr Abstract DevSecOps Consulting and Training

The key learning objectives for this DevSecOps training:

• Understand the C.A.L.M.S. Framework: Gain insights into the principles of Culture, Automation, Lean, Measurement, and Sharing
• Explore the DevOps Three Ways Strategy: Learn about Flow, Feedback, and Continuous Experimentation & Learning, with practical examples.
• Implement Continuous Integration, Delivery, and Deployment (CI/CD): Understand the importance of integrating security practices into CI/CD pipelines to ensure rapid and secure software releases.
• Define Artifacts, Containers, and APIs: Comprehend the critical role of well-defined artifacts, containerization, and secure API management.
• Measure and Analyze DevSecOps Metrics: Learn to apply measurement techniques and analyze metrics
• Apply Value-Driven Metrics to the Three Ways: Understand how to utilize value-driven metrics in the context of Flow, Feedback, and Continuous Experimentation.

This training is designed to equip participants with the knowledge and skills necessary to integrate security seamlessly into DevOps practices, ensuring both agility and resilience in modern software development.

DevSecOps Training: Integrating Security into DevOps with CALMS & The Three Ways

In this DevSecOps training, participants will gain a comprehensive understanding of how to integrate security seamlessly into DevOps practices by leveraging the C.A.L.M.S. framework (Culture, Automation, Lean, Measurement, and Sharing). This strategy fosters a collaborative mindset, accelerates delivery, and ensures continuous security throughout the software development lifecycle.

The course will explore the DevOps Three Ways strategy—Flow, Feedback, and Continuous Experimentation & Learning—providing real-world examples such as Chaos Engineering, Site Reliability Engineering (SRE), and automated security testing. Participants will learn how to improve flow through CI/CD pipelines, enhance feedback loops with security scanning tools, and drive innovation by fostering a culture of controlled experimentation.

A key focus will be on Continuous Integration, Delivery, and Deployment, emphasizing the critical role of well-defined artifacts, containers, and APIs in achieving secure and scalable software releases. Proper versioning, dependency management, and API security best practices will be highlighted to mitigate risks.

Lastly, the training will cover Measurement, Metrics & Reporting, demonstrating the importance of DevOps metrics such as speed (throughput, lead time, cycle time), quality (defect rates, test coverage), stability (MTTR, change failure rate), and culture (collaboration, security posture). By applying these metrics to the Three Ways, participants will understand how to reduce change lead times, improve security feedback loops, and drive value-driven improvements in their DevSecOps strategy.

This course is designed for DevOps engineers, security professionals, SREs, and development teams looking to embed security into their DevOps workflows, ensuring both agility and resilience in modern software development.