TrainXOps Logo

Comprehensive DevSecOps Training

From beginner to expert: The complete DevSecOps learning journey.

About Trainer: Experienced Cloud & DevOps Engineer with over 12 years driving automation and infrastructure innovation across AWS, Azure, and GCP. Skilled in Terraform, Kubernetes, CI/CD pipelines, monitoring with ELK and Prometheus, and expert in Bash & Python automation.

Starting a new training batch from 1st Nov 2025. Duration: 4 Months. To Enroll, contact at - traindevsecops@gmail.com | Mobile: +91 9900947057

DevSecOps Training Curriculum

1. DevSecOps Introduction

  • What is DevSecOps?
  • Cloud Computing Fundamentals
  • Why DevSecOps
  • Challenges in implementing DevSecOps

2. Linux

  • Introduction to Basic Commands
  • Managing Files and Directories
  • Permissions in Linux
  • Package Management
  • User and Group Management
  • Text Editor
  • File System Hierarchy
  • Disk Management
  • SSH, SCP, WGET and CURL commands usage
  • Linux Firewall
  • Linux Networking tools and protocols
  • awk and sed command usage with examples

3. Version Control System (VCS)

  • Introduction to Git and GitHub
  • Git Basics
  • Branching strategy
  • Working with Remote repositories
  • Pull request best practices
  • Secrets management with GitHub

4. Jenkins and GitHub Actions

  • Introduction to Jenkins
  • Installation and Configuration
  • Plugins usage
  • Pipelines creation as Code
  • GitHub Actions Introduction
  • Workflow creations
  • CI/CD best practices
  • Integrating Security Scans in CI/CD pipelines

5. Docker

  • Monolith vs Microservices
  • Cgroups vs Namespaces
  • Docker Architecture
  • Installation of Docker
  • Docker Basic commands
  • Image creation using Dockerfile
  • Docker Volumes
  • Docker Networking
  • Docker Multistage builds
  • Docker Compose
  • Docker Registry
  • Docker Security Best Practices
  • Build an python application with sample database
  • Analyzing logs for the containers

6. Kubernetes

  • K8s Architecture
  • Installation with kubeadm on AWS
  • Kubectl and Kubeconfig
  • Labels & Selector
  • ReplicaSets
  • Deployments
  • Pods
  • Multi-container pods
  • Rolling updates and Rollbacks
  • StatefulSets
  • DaemonSets
  • Namespaces
  • Services
  • Volumes
  • Ingress
  • NodeAffinity - AntiAffinity
  • PodAffinity-AntiAffinity
  • Taints-Tolerations
  • Jobs-cronjobs
  • Request limits
  • ConfigMaps and Secrets
  • RBAC and Service account
  • Network policies
  • Kustomize – Kubernetes Native Configuration Customization
  • Helm - Package Manager for Kubernetes
  • API Gateway
  • Istio and Service Mesh

7. Amazon Web Services (AWS)

  • AWS Console walkthrough
  • Networking fundamentals
  • VPC (Virtual Private Cloud)
  • Public vs Private Subnets
  • Internet Gateway
  • NAT Gateway
  • NACL (Network Access Control List)
  • Elastic Cloud Compute (EC2)
  • Security Group
  • Elastic Block Storage (EBS)
  • EBS Snapshots
  • Amazon Machine Image (AMI)
  • Simple Storage Service (S3)
  • Identity and Access Management (IAM)
  • Loadbalancer types and Autoscaling
  • Relational Database Service (RDS)
  • Route 53
  • CloudWatch
  • CloudTrail
  • Lambda
  • API Gateway
  • Elastic Container Registry (ECR)
  • Elastic Container Service (ECS)
  • Elastic Kubernetes Service (EKS)

8. Infrastructure as Code Terraform

  • Introduction to Infrastructure as Code
  • Overview to Terraform
  • Installation of AWS config
  • Making use of Terraform Official Documentation
  • Authentication and Authorization
  • Terraform and Provider version best practices
  • Terraform Cloud usage with Dynamic credentials
  • Launch EC2 with Terraform
  • Resources and providers
  • Security Groups, EIP, IAM
  • Output Values
  • Plan VS Apply vs Destroy
  • Attributes and variable
  • Data Types [List, map, Set etc.]
  • Meta Arguments, count, count index
  • Locals, Data sources
  • Load Order and Semantics
  • Dynamic Blocks
  • Lifecycle Meta-Arguments
  • Provisioners [Local and Remote Exec]
  • Modules, Workspace
  • Remote State Files Management and State locking

9. Observability

  • ELK Stack
  • Prometheus
  • Grafana dashboard

10. GitOps - Continuous Kubernetes Deployments

  • Introduction to GitOps methodology
  • Argo CD - Kubernetes-native GitOps Continuous Delivery tool
  • Features and architecture of Argo CD
  • How Argo CD synchronizes Git repositories to Kubernetes clusters
  • Using Argo CD CLI and Web UI
  • Multi-cluster and multi-team support with Argo CD

11. Scripting

  • Bash Introduction
  • Scenarious where bash scripting useful
  • Python Basics
  • Real time usage of Python scripts

12. Security in DevSecOps

  • Introduction to Application Security
  • OWASP Top 10 Vulnerabilities
  • Static Application Security Testing (SAST) tools (SonarQube, Checkmarx)
  • Software Composition Analysis (SCA) tools (Snyk, Dependabot)
  • Container Security (Aqua, Trivy)
  • Kubernetes Security (Kube-bench, Kube-hunter)
  • Infrastructure as Code (IaC) Security (Checkov, TFSec)
  • Integrating security tools into CI/CD pipelines
  • Best practices for secure coding and DevSecOps culture

What Our Trainees Say

Submit Your Testimonial

Contact Us

Email: traindevsecops@gmail.com

Phone: +91 9900947057