• DevOpsCertification, India
  • contact@devopssupport.in
  • Home
  • DevSecOps Certified Professional Online Training (DSOCP)

DevSecOps Certified Professional Online Training (DSOCP)

We are Offering Online Training

Trained 8000+ Students Multiple Location Job Oriented Courses
Validate your technical skills and expertise with an industry-recognized credential and grow your career.
images

4.8/5.0

Reviews Rating

66

Hours Training

4036 +

Participants

10

Sets

Free Test

Format

Practice Exam

No. of Hands-on Labs

O Labs

No. of Questions

20 Questions

No. of Tests

1 Test

0/-
Practice Tests

Format

Practice Exam

No. of Hands-on Labs

O Labs

No. of Questions

20 Questions

No. of Tests

1 Test

49999/-
Online Course

Format

Practice Exam

No. of Hands-on Labs

O Labs

No. of Questions

20 Questions

No. of Tests

1 Test

49999/-

Real Exam Format and Information

Certification Name AWS Certified Solutions Architect Associate

Exam Duration 130 Minutes

Number of Questions 60-70

Exam Fee $150

Validity 3 years

Certification Exam Code SAA-C01 & SAA-C02

Exam Format Multiple Choice and Multiple Answer Type Exam

Passing Score 70-75%

Eligibility/Pre-requisite None

Exam Languages English, Japanese, Korean, and Simplified Chinese

Why Choose Us?

Practice Questions

7 Full-length Mock Exams (600+ unique AWS Solutions Architect Associate certification exam practice questions)

Online Course

17 hours 47 minutes Training Videos for all the certification exam objectives. You will be amazed by the way of explaining the concepts that are very easy to understand.

Experts Support

Our support team consists of AWS Experts, ready to clarify all your questions.

Section Quiz

10+ section quiz covering most important topics for the exam (VPC, S3, EFS, API Gateway, ECS, Lambda, EBS, STS, SNS, SQS, ELB, Route 53, etc.)

Labs

Free access to labs to test your knowledge on AWS environment. Covering all the important topics like S3, EC2, VPC, SNS, CloudWatch, DynamoDB, CloudFormation etc.

Testimonials/Feedback

AWS Solutions Architect Associate Exam Feedback from Our Customers

Agenda: DevSecOps Certified Professional Engineering (DSOCP) Download Curriculum

SDLC Models & Architecture with Agile, DevOps, SRE & DevSecOps, SOA & Micro services - Concept

  1. Lets Understand about Software Development Model
  2. Overview of Waterfall Development Model
  3. Challenges of Waterfall Development Model
  4. Overview of Agile Development Model
  5. Challenges of Agile Development Model
  6. Requirement of New Software Development Model
  7. Understaning a existing Pain and Waste in Current Software Development Model
  8. What is DevOps?
    1. Transition in Software developement model
    2. Waterfall -> Agile -> CI/CD -> DevOps -> DevSecOps
  9. Understand DevOps values and principles
  10. Culture and organizational considerations
  11. Communication and collaboration practices
  12. Improve your effectiveness and productivity
  13. DevOps Automation practices and technology considerations
  14. DevOps Adoption considerations in an enterprise environment
  15. Challenges, risks and critical success factors
  16. What is DevSecOps?
    1. Lets Understand DevSecOps Practices and Toolsets.
  1. What is SRE?
    1. Lets Understand SRE Practices and Toolsets.
  2. List of Tools to become Full Stack Developer/QA/SRE/DevOps/DevSecOps
  3. Microservices Fundamentals
  4. Microservices Patterns
    1. Choreographing Services
    2. Presentation components
    3. Business Logic
    4. Database access logic
    5. Application Integration
    6. Modelling Microservices
    7. Integrating multiple Microservices
  5. Keeping it simple
    1. Avoiding Breaking Changes
    2. Choosing the right protocols
    3. Sync & Async
    4. Dealing with legacy systems
    5. Testing
  6. What and When to test
  7. Preparing for deployment
  8. Monitoring Microservice Performance
  9. Tools used for Microservices Demo using container

Ubuntu

  1. Installing CentOS7 and Ubuntu
  2. Accessing Servers with SSH
  3. Working at the Command Line
  4. Reading Files
  5. Using the vi Text Editor
  6. Piping and Redirection
  7. Archiving Files
  8. Accessing Command Line Help
  9. Understanding File Permissions
  10. Accessing the Root Account
  11. Using Screen and Script
  12. Overview of Hypervisor
  13. Introduction of VirtualBox
  14. Install VirtualBox and Creating CentOS7 and Ubuntu Vms

Vagrant

  1. Understanding Vagrant
  2. Basic Vagrant Workflow
  3. Advance Vagrant Workflow
  4. Working with Vagrant VMs
  5. The Vagrantfile
  6. Installing Nginx
  7. Provisioning
  8. Networking
  9. Sharing and Versioning Web Site Files
  10. Vagrant Share
  11. Vagrant Status
  12. Sharing and Versioning Nginx Config Files
  13. Configuring Synced Folders

  1. Introduction of AWS
  2. Understanding AWS infrastructure
  3. Understanding AWS Free Tier
  4. IAM: Understanding IAM Concepts
  5. IAM: A Walkthrough IAM
  6. IAM: Demo & Lab
  7. Computing:EC2: Understanding EC2 Concepts
  8. Computing:EC2: A Walkthrough EC2
  9. Computing:EC2: Demo & Lab
  10. Storage:EBS: Understanding EBS Concepts
  11. Storage:EBS: A Walkthrough EBS
  12. Storage:EBS: Demo & Lab
  13. Storage:S3: Understanding S3 Concepts
  14. Storage:S3: A Walkthrough S3
  15. Storage:S3: Demo & Lab
  1. Storage:EFS: Understanding EFS Concepts
  2. Storage:EFS: A Walkthrough EFS
  3. Storage:EFS: Demo & Lab
  4. Database:RDS: Understanding RDS MySql Concepts
  5. Database:RDS: A Walkthrough RDS MySql
  6. Database:RDS: Demo & Lab
  7. ELB: Elastic Load Balancer Concepts
  8. ELB: Elastic Load Balancer Implementation
  9. ELB: Elastic Load Balancer: Demo & Lab
  10. Networking:VPC: Understanding VPC Concepts
  11. Networking:VPC: Understanding VPC components
  12. Networking:VPC: Demo & Lab

  1. What is Containerization?
  2. Why Containerization?
  3. How Docker is good fit for Containerization?
  4. How Docker works?
  5. Docker Architecture
  6. Docker Installations & Configurations
  7. Docker Components
  8. Docker Engine
  9. Docker Image
  10. Docker Containers
  11. Docker Registry
  12. Docker Basic Workflow
  13. Managing Docker Containers
  14. Creating our First Image
  15. Understading Docker Images
  16. Creating Images using Dockerfile
  17. Managing Docker Images
  18. Using Docker Hub registry
  1. Docker Networking
  2. Docker Volumes
  3. Deepdive into Docker Images
  4. Deepdive into Dockerfile
  5. Deepdive into Docker Containers
  6. Deepdive into Docker Networks
  7. Deepdive into Docker Volumes
  8. Deepdive into Docker Volume
  9. Deepdive into Docker CPU and RAM allocations
  10. Deepdive into Docker Config
  11. Docker Compose Overview
  12. Install & Configure Compose
  13. Understanding Docker Compose Workflow
  14. Understanding Docker Compose Services
  15. Writing Docker Compose Yaml file
  16. Using Docker Compose Commands
  17. Docker Compose with Java Stake
  18. Docker Compose with Rails Stake
  19. Docker Compose with PHP Stake
  20. Docker Compose with Nodejs Stake

  1. Overview of Jira
  2. Use cases of Jira
  3. Architecture of Jira
  4. Installation and Configuraration of Jira in Linux
  5. Installation and Configuraration of Jira in Windows
  6. Jira Terminologies
  7. Understanding Types of Jira Projects
  8. Working with Projects
  9. Working with Jira Issues
  10. Adding Project Components and Versions
  11. Use Subtasks to Better Manage and Structure Your Issues
  12. Link Issues to Other Resources
  13. Working in an Agile project
  14. Working with Issues Types by Adding/Editing/Deleting
  15. Working with Custom Fields by Adding/Editing/Deleting
  16. Working with Screens by Adding/Editing/Deleting
  17. Searching and Filtering Issues
  18. Working with Workflow basic
  19. Introduction of Jira Plugins and Addons.
  20. Jira Integration with Github
  1. Exploring Confluence benefits and resources
  2. Configuring Confluence
  3. Navigating the dashboard, spaces, and pages
  4. Creating users and groups
  5. Creating pages from templates and blueprints
  6. Importing, updating, and removing content
  7. Giving content feedback
  8. Watching pages, spaces, and blogs
  9. Managing tasks and notifications
  10. Backing up and restoring a site
  11. Admin tasks

  1. Planning - Discuss some of the Small Project Requirement which include
  2. Login/Registertration with Some Students records CRUD operations.
  3. Design a Method --> Classes -> Interface using Core Python
    1. Fundamental of Core Python with Hello-world Program with Method --> Classes
  4. Coding in Flask using HTMl - CSS - JS - MySql
    1. Fundamental of Flask Tutorial of Hello-World APP
  5. UT - 2 Sample unit Testing using Pythontest
  6. Package a Python App
  7. AT - 2 Sample unit Testing using Selenium

Technology Demonstration

  1. Software Planning and Designing using JAVA
  2. Core Python
  3. Flask
  4. mySql
  5. pytest
  6. Selenium
  7. HTMl
  8. CSS
  9. Js.

  1. Introduction of Git
  2. Installing Git
  3. Configuring Git
  4. Git Concepts and Architecture
  5. How Git works?
  6. The Git workflow
    1. Working with Files in Git
    2. Adding files
    3. Editing files
    4. Viewing changes with diff
    5. Viewing only staged changes
    6. Deleting files
    7. Moving and renaming files
    8. Making Changes to Files
  1. Undoing Changes
    1. - Reset
    2. - Revert
  2. Amending commits
  3. Ignoring Files
  4. Branching and Merging using Git
  5. Working with Conflict Resolution
  6. Comparing commits, branches and workspace
  7. Working with Remote Git repo using Github
  8. Push - Pull - Fetch using Github
  9. Tagging with Git

  1. What is SonarQube?
  2. Benefits of SonarQube?
  3. Alternative of SonarQube
  4. Understanding Various License of SonarQube
  5. Architecture of SonarQube
  6. How SonarQube works?
  7. Components of SonarQube
  8. SonarQube runtime requirements
  9. Installing and configuring SonarQube in Linux
  10. Basic Workflow in SonarQube using Command line
  11. Working with Issues in SonarQube
  1. Working with Rules in SonarQube
  2. Working with Quality Profiles in SonarQube
  3. Working with Quality Gates in SonarQube
  4. Deep Dive into SonarQube Dashboard
  5. Understanding Seven Axis of SonarQube Quality
  6. Workflow in SonarQube with Maven Project
  7. Workflow in SonarQube with Gradle Project
  8. OWASP Top 10 with SonarQube

  1. Introduction to Apache Maven
  2. Advantage of Apache Maven over other build tools
  3. Understanding the Maven Lifecycle and Phase
  4. Understanding the Maven Goals
  5. Understanding the Maven Plugins
  6. Understanding the Maven Repository
  7. Understanding and Maven Release and Version
  8. Prerequisite and Installing Apache Maven
  9. Understanding and using Maven Archetypes
  10. Understanding Pom.xml and Setting.xml
  11. Playing with multiples Maven Goals
  12. Introducing Maven Dependencies
  13. Introducing Maven Properties
  14. Introducing Maven Modules
  15. Introducing Maven Profile
  16. Introducing Maven Plugins
  17. How can Maven benefit my development process?
  18. How do I setup Maven?
  19. How do I make my first Maven project?
  20. How do I compile my application sources?
  21. How do I compile my test sources and run my unit tests?
  22. How do I create a JAR and install it in my local repository?
  23. How do I use plugins?
  24. How do I add resources to my JAR?
  25. How do I filter resource files?
  26. How do I use external dependencies?
  27. How do I deploy my jar in my remote repository?
  28. How do I create documentation?
  29. How do I build other types of projects?
  30. How do I build more than one project at once?
  1. What is Gradle?
  2. Why Gradle?
  3. Installing and Configuring Gradle
  4. Build Java Project with Gradle
  5. Build C++ Project with Gradle
  6. Build Python Project with Gradle
  7. Dependency Management in Gradle
  8. Project Structure in Gradle
  9. Gradle Tasks
  10. Gradle Profile and Cloud
  11. Gradle Properties
  12. Gradle Plugins

Artifactory

  1. Artifactory
    1. Artifactory Overview
    2. Understanding a role of Artifactory in DevOps
    3. System Requirements
    4. Installing Artifactory in Linux
    5. Using Artifactory
    6. Getting Started
    7. General Information
    8. Artifactory Terminology
    9. Artifactory Repository Types
    10. Artifactory Authentication
    11. Deploying Artifacts using Maven
    12. Download Artifacts using Maven
    13. Browsing Artifactory
    14. Viewing Packages
    15. Searching for Artifacts
    16. Manipulating Artifacts

Packer

  1. Packer
  2. Getting to Know Packer
    1. What is Packer?
    2. Save What is Packer?
    3. Installing Packer
    4. Save Installing Packer
    5. The Packer workflow and components
    6. Save The Packer workflow and components
    7. The Packer CLI
    8. Save The Packer CLI
  3. Baking a Website Image for EC2
  4. Select an AWS AMI base
  5. Save Select an AWS AMI base
  6. Automate AWS AMI base build
  7. Save Automate AWS AMI base build
  8. Using build variables
  9. Save Using build variables
  10. Provision Hello World
  11. Save Provision Hello World
  12. Provision a basic site
  13. Save Provision a basic site
  14. Customization with a Config Management Tool
    1. Simplify provisioning with a config tool
    2. Save Simplify provisioning with a config tool
    3. Use ansible to install the webserver
    4. Save Use ansible to install the webserver
    5. Debugging
    6. Save Debugging
  15. Building Hardened Images
    1. Use Ansible modules to harden our image
    2. Save Use Ansible modules to harden our image
    3. Baking a Jenkins image
    4. Save Baking a Jenkins image
  16. Building a Pipeline for Packer Image
    1. Validate Packer templates
    2. Save Validate Packer templates
    3. Create a manifest profile
    4. Save Create a manifest profile
    5. Testing
    6. Save Testing
    7. CI pipeline
    8. Save CI pipeline

Junit

  1. - What is Unit Testing?
  2. - Tools for Unit Testing
  3. - What is Junit?
  4. - How to configure Junit?
  5. - Writing Basic Junit Test cases
  6. - Running Basic Junit Test cases
  7. - Junit Test Results

Selenium

  1. Introduction to Selenium
  2. Components of Selenium
    1. - Selenium IDE
    2. - Selenium Web driver
    3. - Selenium Grid
  3. Installing and Configuring Selenium
  4. Working with Selenium IDE
  5. Working With Selenium Web driver with Java Test Case Setup and Working with Selenium Grid
  6. Setup and Working with Selenium Grid

Jacoco

  1. Overview of Code coverage process
  2. Introduction of Jacoco
  3. How Jacoco works!
  4. How to install Jaoco?
  5. Setup testing Environment with Jacoco
  6. Create test data files using Jacoco and Maven
  7. Create a Report using Jacoco
  8. Demo - Complete workflow of Jacoco with Maven and Java Project

  1. Overflow of Configuration Management
  2. Introduction of Ansible
  3. Ansible Architecture
  4. Let’s get startted with Ansible
  5. Ansible Authentication & Authorization
  6. Let’s start with Ansible Adhoc commands
  7. Let’s write Ansible Inventory
  1. Let’s write Ansible Playbook
  2. Working with Popular Modules in Ansible
  3. Deep Dive into Ansible Playbooks
  4. Working with Ansible Variables
  5. Working with Ansible Template
  6. Working with Ansible Handlers
  7. Roles in Ansible
  8. Ansible Galaxy

  1. Understanding the Need of Kubernetes
  2. Understanding Kubernetes Architecture
  3. Understanding Kubernetes Concepts
  4. Kubernetes and Microservices
  5. Understanding Kubernetes Masters and its Component
    1. kube-apiserver
    2. etcd
    3. kube-scheduler
    4. kube-controller-manager
  6. Understanding Kubernetes Nodes and its Component
    1. kubelet
    2. kube-proxy
    3. Container Runtime
  7. Understanding Kubernetes Addons
    1. DNS
    2. Web UI (Dashboard)
    3. Container Resource Monitoring
    4. Cluster-level Logging
  1. Understand Kubernetes Terminology
  2. Kubernetes Pod Overview
  3. Kubernetes Replication Controller Overview
  4. Kubernetes Deployment Overview
  5. Kubernetes Service Overview
  6. Understanding Kubernetes running environment options
  7. Working with first Pods
  8. Working with first Replication Controller
  9. Working with first Deployment
  10. Working with first Services
  11. Introducing Helm
  12. Basic working with Helm

  1. Introduction
  2. What's the Scenario?
  3. Terraform Components
  1. Introduction
  2. Terraform State and Update
  3. What's the Scenario?
  4. Data Type and Security Groups
  1. Introduction
  2. What's the Scenario?
  3. Terraform Provisioners
  4. Terraform Syntax
  1. Introduction
  2. What's the Scenario?
  3. Terraform Providers
  4. Terraform Functions
  5. Intro and Variable
  6. Resource Creation
  7. Deployment and Terraform Console
  8. Updated Deployment and Terraform Commands

  1. Lets understand Continuous Integration
  2. What is Continuous Integration
  3. Benefits of Continuous Integration
  4. What is Continuous Delivery
  5. What is Continuous Deployment
  6. Continuous Integration Tools

  1. What is Jenkins
  2. History of Jenkins
  3. Jenkins Architecture
  4. Jenkins Vs Jenkins Enterprise
  5. Jenkins Installation and Configurations

  1. Jenkins Dashboard Tour
  2. Understand Freestyle Project
  3. Freestyle General Tab
  4. Freestyle Source Code Management Tab
  5. Freestyle Build Triggers Tab
  6. Freestyle Build Environment
  7. Freestyle Build
  8. Freestyle Post-build Actions
  9. Manage Jenkins
  10. My Views
  11. Credentials
  12. People
  13. Build History

  1. Creating a Simple Job
  2. Simple Java and Maven Based Application
  3. Simple Java and Gradle Based Application
  4. Simple DOTNET and MSBuild Based Application

  1. Jobs Scheduling in Jenkins
  2. Manually Building
  3. Build Trigger based on fixed schedule
  4. Build Trigger by script
  5. Build Trigger Based on pushed to git
  6. Useful Jobs Configuration
  7. Jenkins Jobs parameterised
  8. Execute concurrent builds
  9. Jobs Executors
  10. Build Other Projects
  11. Build after other projects are built
  12. Throttle Builds

  1. Jenkins Plugins
  2. Installing a Plugin
  3. Plugin Configuration
  4. Updating a Plugin
  5. Plugin Wiki
  6. Top 20 Useful Jenkins Plugins
  7. Using Jenkins Pluginss Best Practices
  1. Jenkins Node Managment
  2. Adding a Linux Node
  3. Adding a Windows Nodes
  4. Nodes Management using Jenkins
  5. Jenkins Nodes High Availability

  1. Jenkins Integration with other tools
  2. Jira
  3. Git
  4. SonarQube
  5. Maven
  6. Junit
  7. Ansible
  8. Docker
  9. AWS
  10. Jacoco
  11. Coverity
  12. Selenium
  13. Gradle

  1. Reports in Jenkins
  2. Junit Report
  3. SonarQube Reports
  4. Jacoco Reports
  5. Coverity Reports
  6. Selenium Reports
  7. Test Results
  8. Cucumber Reports

  1. Jenkins Node Managment
  2. Adding a Linux Node
  3. Adding a Windows Nodes
  4. Nodes Management using Jenkins
  5. Jenkins Nodes High Availability

  1. Notification & Feedback in Jenkins
  2. CI Build Pipeline & Dashboard
  3. Email Notification
  4. Advance Email Notification
  5. Slack Notification

  1. Jenkins Advance - Administrator
  2. Security in Jenkins
  3. Authorization in Jenkins
  4. Authentication in Jenkins
  5. Managing folder/subfolder
  6. Jenkins Upgrade
  7. Jenkins Backup
  8. Jenkins Restore
  9. Jenkins Command Line

  1. Datadog provides real-time monitoring of your infrastructure and applications, allowing you to quickly identify and resolve issues before they impact your users.
  1. With Datadog, you can create customizable dashboards that give you a real-time view of your entire infrastructure. These dashboards can be tailored to your specific needs and can include metrics and alerts for all of your systems and applications.
  1. Datadog integrates with a wide range of third-party tools and services, allowing you to monitor and manage your entire IT stack from a single platform.
  1. Datadog provides collaboration tools that enable your IT team to work together to resolve issues quickly and efficiently.
  1. Datadog can be configured to automatically alert you when certain metrics or events occur. You can set up alerts for things like server downtime, high CPU usage, or application errors.
  1. Datadog collects and analyzes a wide range of metrics from your infrastructure and applications, including server performance, network traffic, and application logs.
  1. Datadog's machine learning capabilities can help you identify anomalies and patterns in your data, allowing you to proactively address issues before they become critical.

  1. What Is Splunk?
  2. Overview
  3. Machine Data
  4. Splunk Architecture
  5. Careers in Splunk

  1. Setting up the Splunk Environment
  2. Overview
  3. Splunk Licensing
  4. Getting Splunk
  5. Installing Splunk
  6. Adding Data to Splunk

  1. Basic Searching Techniques
  2. Adding More Data
  3. Search in Splunk
  4. Demo: Splunk Search
  5. Splunk Search Commands
  6. Splunk Processing Langauge
  7. Splunk Reports
  8. Reporting in Splunk
  9. Splunk Alerts
  10. Alerts in Splunk

  1. Enterprise Splunk Architecture
  2. Overview
  3. Forwarders
  4. Enterprise Splunk Architecture
  5. Installing Forwarders
  6. Installing Forwarders
  7. Troubleshooting Forwarder Installation
  1. Splunking for DevOps and Security
  2. Splunk in DevOps
  3. DevOps Demo
  4. Splunk in Security
  5. Enterprise Use Cases

  1. Application Development in Splunkbase
  2. What Is Splunkbase?
  3. Navigating the Splunkbase
  4. Creating Apps for Splunk
  5. Benefits of Building in Splunkbase

  1. Splunking on Hadoop with Hunk
  2. What Is Hadoop?
  3. Running HDFS Commands
  4. What Is Hunk?
  5. Installing Hunk
  6. Moving Data from HDFS to Hunk

  1. Composing Advanced Searches
  2. Splunk Searching
  3. Introduction to Advanced Searching
  4. Eval and Fillnull Commands
  5. Other Splunk Command Usage
  6. Filter Those Results!
  7. The Search Job Inspector

  1. Creating Search Macros
  2. What Are Search Macros?
  3. Using Search Macros within Splunk
  4. Macro Command Options and Arguments
  5. Other Advanced Searching within Splunk

  1. Introduction and Overview of NewRelic
  2. What is Application Performance Management?
  3. Understanding a need of APM
  4. Understanding transaction traces
  5. What is Application Performance?
  6. APM Benefits
  7. APM Selection Criteria
  8. Why NewRelic is best for APM?
  9. What is NewRelic APM?
  10. How does NewRelic APM work?
  11. NewRelic Architecture
  12. NewRelic Terminology

  1. Installing and Configuring NewRelic APM Agents for Application
  2. Register a Newrelic Trial account
  3. Installing a JAVA Agent to Monitor your Java Application
  4. Installing a PHP Agent to Monitor your PHP Application
  5. Installing New Relic Agent for .NET Framework Application
  6. Installing a Docker based Agent to Monitor your Docker based Application
  7. Understanding of NewRelic Configration settings of newrelic.yml
  8. Understanding of NewRelic Agent Configration settings

  1. Working with NewRelic Dashboard
  2. Understanding a transactions
  3. Understanding Apdex and Calculating and Setting Apdex Threshold
  4. Understanding Circuit break
  5. Understanding Throughput
  6. Newrelic default graphs
  7. Understanding and Configuring Service Maps
  8. Understanding and Configuring JVM
  9. Understanding Error Analytics
  10. Understanding Violations
  11. Understanding and Configuring Deployments
  12. Understanding and Configuring Thread Profiler
  13. Depp Dive into Transaction Traces
  14. Profiling with New Relic
  1. Creating and managing Alerts
  2. Working with Incidents
  3. Sending NewRelic Alerts to Slack
  4. Assessing the quality of application deployments
  5. Monitoring using Newrelic
  6. View your applications index
  7. APM Overview page
  8. New Relic APM data in Infrastructure
  9. Transactions page
  10. Databases and slow queries
  11. Viewing slow query details
  12. External services page
  13. Agent-specific UI
  14. Viewing the transaction map

  1. Deep Dive into Newrelic Advance
  2. Newrelic transaction alerts
  3. Configure abnd Troubleshoot and Cross Application Traces
  4. NewRelic Service Level Agreements
  5. Troubleshooting NewRelic
  6. Understanding and Configuring NewRelic X-Ray Sessions
  7. Deep Dive into NewRelic Agent Configuration
  8. Adding Custom Data with the APM Agent
  9. Extending Newrelic using Plugins
  10. Finding and Fixing Application Performance Issues with New Relic APM
  11. Setting up database montioring using Newrelic APM
  12. Setting up and Configuring Newrelic Alerts

  1. Working with NewRelic Performance Reports
  2. Availability report
  3. Background jobs analysis report
  4. Capacity analysis report
  5. Database analysis report
  6. Host usage report
  7. Scalability analysis report
  8. Web transactions analysis report
  9. Weekly performance report

  • What is Application Performance Management?
  • Understanding a need of APM
  • Understanding transaction traces
  • What is Application Performance?
  • APM Benefits
  • APM Selection Criteria
  • Why NewRelic is best for APM?
  • What is NewRelic APM?
  • How does NewRelic APM work?
  • NewRelic Architecture
  • NewRelic Terminology
  • Register a Newrelic Trial account
  • Installing a JAVA Agent to Monitor your Java Application
  • Installing a PHP Agent to Monitor your PHP Application
  • Installing New Relic Agent for .NET Framework Application
  • Installing a Docker based Agent to Monitor your Docker based Application
  • Understanding of NewRelic Configration settings of newrelic.yml
  • Understanding of NewRelic Agent Configration settings
  • Understanding a transactions
  • Understanding Apdex and Calculating and Setting Apdex Threshold
  • Understanding Circuit break
  • Understanding Throughput
  • Newrelic default graphs
  • Understanding and Configuring Service Maps
  • Understanding and Configuring JVM
  • Understanding Error Analytics
  • Understanding Violations
  • Understanding and Configuring Deployments
  • Understanding and Configuring Thread Profiler
  • Depp Dive into Transaction Traces
  • Profiling with New Relic
  • Creating and managing Alerts
  • Working with Incidents
  • Sending NewRelic Alerts to Slack
  • Assessing the quality of application deployments
  • View your applications index
  • APM Overview page
  • New Relic APM data in Infrastructure
  • Transactions page
  • Databases and slow queries
  • Viewing slow query details
  • External services page
  • Agent-specific UI
  • Viewing the transaction map
  • Newrelic transaction alerts
  • Configure abnd Troubleshoot and Cross Application Traces
  • NewRelic Service Level Agreements
  • Troubleshooting NewRelic
  • Understanding and Configuring NewRelic X-Ray Sessions
  • Deep Dive into NewRelic Agent Configuration
  • Adding Custom Data with the APM Agent
  • Extending Newrelic using Plugins
  • Finding and Fixing Application Performance Issues with New Relic APM
  • Setting up database montioring using Newrelic APM
  • Setting up and Configuring Newrelic Alerts
  • Availability report
  • Background jobs analysis report
  • Capacity analysis report
  • Database analysis report
  • Host usage report
  • Scalability analysis report
  • Web transactions analysis report
  • Weekly performance report

STRIDE:
  1. STRIDE is a threat modeling methodology developed by Microsoft that identifies six types of threats: Spoofing, Tampering, Repudiation, Information Disclosure, Denial of Service, and Elevation of Privilege.
  2. The STRIDE approach involves analyzing each component of a system to identify potential threats and vulnerabilities, and then determining appropriate countermeasures to mitigate these risks.
PASTA:
  1. PASTA is a Process for Attack Simulation and Threat Analysis that is based on the concept of "attacker thinking".
  2. The PASTA approach involves identifying potential attackers and their motivations, analyzing potential attack paths, and identifying countermeasures to mitigate these risks.
  3. PASTA is a comprehensive methodology that considers both technical and non-technical factors in the threat modeling process.
VAST:
  1. VAST is a Visual, Agile, and Simple Threat modeling methodology that is designed to be accessible to both technical and non-technical stakeholders.
  2. The VAST approach involves creating visual models of the system and its components, and then identifying potential threats and vulnerabilities through a series of brainstorming sessions.
  3. VAST is designed to be flexible and adaptable, and can be used in a variety of development methodologies.
Microsoft Threat Modeling Tool:
  1. The Microsoft Threat Modeling Tool is a free tool that helps organizations identify potential threats and vulnerabilities in their software systems.
  2. The tool uses the STRIDE methodology and allows users to create data flow diagrams of their systems, which can then be analyzed for potential threats and vulnerabilities.
  3. The Microsoft Threat Modeling Tool provides a comprehensive set of reports and analysis tools, allowing users to prioritize and address potential risks.
OWASP Threat Dragon:
  1. OWASP Threat Dragon is an open-source tool that helps organizations identify potential threats and vulnerabilities in their software systems.
  2. The tool uses a data flow diagram approach to threat modeling, allowing users to create visual models of their systems and identify potential attack paths.
  3. OWASP Threat Dragon provides a comprehensive set of reports and analysis tools, and is designed to integrate with other development tools and methodologies.

OWASP ZAP (Zed Attack Proxy):
  1. OWASP ZAP is a free, open-source DAST tool that can be used to identify vulnerabilities in web applications.
  2. ZAP can be used to perform a variety of tests, including active scanning, passive scanning, and fuzz testing.
  3. The tool provides a user-friendly interface and can be integrated with other testing tools and frameworks.
Skipfish:
  1. Skipfish is a free, open-source DAST tool that can be used to identify vulnerabilities in web applications.
  2. Skipfish is designed to be fast and efficient, making it a good choice for testing large, complex web applications.
  3. The tool can be run in parallel, allowing it to perform tests on multiple web applications simultaneously.
Nmap:
  1. Nmap is a free, open-source network scanning tool that can be used to identify open ports and services on a network.
  2. Nmap can also be used to identify potential vulnerabilities in web applications and other network services.
  3. The tool provides a variety of scanning options, including stealth scanning and operating system fingerprinting.
OpenVAS:
  1. OpenVAS is a free, open-source vulnerability scanner that can be used to identify vulnerabilities in web applications and other network services.
  2. The tool provides a comprehensive set of tests, including active scanning, passive scanning, and vulnerability analysis.
  3. OpenVAS also provides a variety of reporting options, including detailed reports and risk assessments.
Fortify WebInspect:
  1. Fortify WebInspect is a commercial DAST tool that can be used to identify vulnerabilities in web applications.
  2. The tool provides a comprehensive set of tests, including active scanning, passive scanning, and fuzz testing.
  3. Fortify WebInspect also provides a variety of reporting options, including detailed reports and risk assessments.

Network Configurations:
    1. Consul provides a central service registry that keeps track of all the services in the infrastructure.
    2. Each microservice in the infrastructure registers itself with Consul, providing information like its IP address, port, and health status.
    3. Consul also supports multiple datacenters, allowing for the deployment of services across different regions or availability zones.
    4. Consul provides a DNS interface that can be used to discover services in the infrastructure. Applications can use this interface to resolve service names to IP addresses and connect to the appropriate service.
Service Discovery:
  1. Consul provides a service discovery mechanism that enables microservices to discover and communicate with each other.
  2. Consul supports different service discovery methods, including DNS, HTTP, and gRPC.
  3. Consul can perform health checks on the services in the infrastructure to ensure that they are functioning properly. If a service fails a health check, it is removed from the service registry until it is healthy again.
  4. Consul also supports service segmentation, allowing services to be grouped into logical subsets based on tags or other attributes. This enables more fine-grained control over service discovery and traffic routing.

  1. Introduction to Software Composition Analysis (SCA) and its importance in modern software development.
  2. Overview of OWASP Dependency Check as a popular SCA tool in the market.
  3. Understanding the SCA process: scanning, analysis, and remediation.
  4. Deep-dive into OWASP Dependency Check, including installation, configuration, and usage.
  5. Demo of OWASP Dependency Check, including a walk-through of its user interface and workflow.
  6. Understanding OWASP Dependency Check reports and how to interpret them.
  7. Best practices for using OWASP Dependency Check in SCA, including how to interpret and act on its findings.
  8. Integration of OWASP Dependency Check with CI/CD pipelines and other development tools.
  9. Common issues and limitations of SCA tools like OWASP Dependency Check and how to mitigate them.
  10. Real-world examples of how OWASP Dependency Check has helped organizations improve their software security.
  11. Future developments in OWASP Dependency Check and SCA in general.
  12. Q&A session to answer any remaining questions or concerns about OWASP Dependency Check, SCA, or software security in general.
  1. Introduction to Software Composition Analysis (SCA) and its importance in modern software development.
  2. Overview of JFrog Xray as a popular SCA tool in the market.
  3. Understanding the SCA process: scanning, analysis, and remediation.
  4. Deep-dive into JFrog Xray, including installation, configuration, and usage.
  5. Demo of JFrog Xray, including a walk-through of its user interface and workflow.
  6. Understanding JFrog Xray reports and how to interpret them.
  7. Best practices for using JFrog Xray in SCA, including how to interpret and act on its findings.
  8. Integration of JFrog Xray with CI/CD pipelines and other development tools.
  9. Common issues and limitations of SCA tools like JFrog Xray and how to mitigate them.
  10. Real-world examples of how JFrog Xray has helped organizations improve their software security.
  11. Future developments in JFrog Xray and SCA in general.
  12. Comparison between JFrog Xray and other SCA tools in terms of features, capabilities, and pricing.

Falco
  1. Securuing Containers (RASP)- Twistkock
  2. Falco Components
  3. Userspace program
  4. Falco Configuration
  5. Privilege escalation using privileged containers
  6. Namespace changes using tools like setns
  7. Read/Writes to well-known directories such as /etc, /usr/bin, /usr/sbin
  8. Creating symlinks
  9. Ownership and Mode changes
  10. Unexpected network connections or socket mutations
  11. Securuing Containers (RASP)- Falco
  12. Spawned processes using execve
  13. Falco drivers
  14. Falco userspace program
  15. Executing shell binaries such as sh, bash, csh, zsh, etc
  16. Executing SSH binaries such as ssh, scp, sftp, etc
  17. Mutating Linux coreutils executables
  18. Mutating login binaries
  19. Mutating shadowutil or passwd executables
Notary
  1. What is CNCF Notary
  2. Why CNCF Notary?
  3. What is The Update Framework (TUF)?
  4. Understand the Notary service architecture
  5. Brief overview of TUF keys and roles
  6. Architecture and components
  7. Example client-server-signer interaction
  8. Threat model
  9. Notary server compromise
  10. Notary signer compromise
  11. Notary client keys and credentials compromise
  12. Run a Notary service
  13. Notary configuration files

  1. Introduction to Web Application Firewall (WAF) and its importance in securing web applications.
  2. Overview of AWS WAF, Azure Web Application Firewall, and Cloudflare Web Application Firewall as popular WAF solutions in the market.
  3. Understanding the architecture and key features of each WAF solution.
  4. Deep-dive into each WAF solution, including installation, configuration, and usage.
  5. Demo of each WAF solution, including a walk-through of its user interface and workflow.
  6. Understanding WAF rules and how to create and customize them for specific use cases in each WAF solution.
  7. Best practices for using each WAF solution to protect web applications, including how to interpret and act on its findings.
  8. Integration of each WAF solution with other cloud services and development tools.
  1. Common issues and limitations of WAF solutions like AWS WAF, Azure Web Application Firewall, and Cloudflare Web Application Firewall and how to mitigate them.
  2. Real-world examples of how each WAF solution has helped organizations improve their web application security.
  3. Comparison between AWS WAF, Azure Web Application Firewall, and Cloudflare Web Application Firewall in terms of features, capabilities, and pricing.
  4. Future developments in WAF solutions and WAF in general.
  5. Q&A session to answer any remaining questions or concerns about AWS WAF, Azure Web Application Firewall, Cloudflare Web Application Firewall, WAF, or web application security in general.

  1. Introduction to securing credentials and why it is important in today's security landscape.
  2. Overview of HashiCorp Vault, AWS Secrets Manager, Azure Key Vault, AWS KMS, and Kubernetes Secrets as popular solutions for securing credentials.
  3. Understanding the architecture and key features of each solution.
  4. Deep-dive into each solution, including installation, configuration, and usage.
  5. Demo of each solution, including a walk-through of its user interface and workflow.
  6. Understanding the types of credentials that can be secured using each solution.
  7. Best practices for using each solution to secure credentials, including how to interpret and act on its findings.
  8. Integration of each solution with other cloud services and development tools.
  1. Common issues and limitations of each solution and how to mitigate them.
  2. Real-world examples of how each solution has helped organizations improve their credential security.
  3. Comparison between HashiCorp Vault, AWS Secrets Manager, Azure Key Vault, AWS KMS, and Kubernetes Secrets in terms of features, capabilities, and pricing.
  4. Future developments in securing credentials and the solutions that support them.
  5. Q&A session to answer any remaining questions or concerns about securing credentials using HashiCorp Vault, AWS Secrets Manager, Azure Key Vault, AWS KMS, Kubernetes Secrets, or credential security in general.

  1. Introduction to policy-based control and its importance in cloud native environments.
  2. Overview of Open Policy Agent (OPA) as a popular open-source policy engine for cloud native environments.
  3. Understanding the architecture and key features of OPA, including the Rego policy language.
  4. Deep-dive into OPA, including installation, configuration, and usage.
  5. Demo of OPA, including a walk-through of its user interface and workflow.
  6. Understanding how policies can be defined in OPA using the Rego policy language, and how they can be enforced in cloud native environments.
  7. Best practices for defining policies in OPA to ensure proper control and compliance.
  8. Integrating OPA with cloud native technologies, such as Kubernetes, Istio, and Envoy, to enforce policies.
  1. Leveraging OPA to ensure compliance with industry standards and regulations, such as CIS benchmarks and GDPR.
  2. Monitoring and auditing policy compliance using OPA.
  3. Common issues and limitations of OPA and how to mitigate them.
  4. Real-world examples of how OPA has helped organizations improve their policy-based control in cloud native environments.
  5. Future developments in policy-based control and OPA, including the potential for machine learning and AI-based policy enforcement.
  6. Comparison between OPA and other policy engines in terms of features, capabilities, and pricing.
  7. Q&A session to answer any remaining questions or concerns about policy-based control for cloud native environments using Open Policy Agent.

  1. Introduction to cloud security and the shared responsibility model for cloud security.
  2. Overview of AWS security services, such as AWS Identity and Access Management (IAM), AWS Key Management Service (KMS), and AWS Security Hub.
  3. Best practices for securing AWS resources, including configuring network security, managing access control, and securing data.
  4. Understanding AWS compliance and regulatory requirements, such as HIPAA and PCI DSS.
  5. Overview of Azure security services, such as Azure Active Directory (AD), Azure Security Center, and Azure Key Vault.
  6. Best practices for securing Azure resources, including configuring network security, managing access control, and securing data.
  7. Understanding Azure compliance and regulatory requirements, such as GDPR and ISO 27001.
  1. Comparing and contrasting AWS and Azure security services and practices.
  2. Cloud security automation with tools like AWS CloudFormation and Azure Resource Manager.
  3. Container security best practices with AWS Elastic Container Service (ECS) and Azure Kubernetes Service (AKS).
  4. DevSecOps practices and tooling for cloud security.
  5. Real-world examples of how organizations have successfully implemented cloud security practices with AWS and Azure.
  6. Future trends and developments in cloud security.
  7. Q&A session to answer any remaining questions or concerns about cloud security with AWS and Azure.

  1. Introduction to SIEM and its role in security operations.
  2. Overview of Splunk SIEM, its architecture, and its components.
  3. Data ingestion and management in Splunk SIEM, including configuring data sources and handling data volume and retention.
  4. Creating and managing dashboards, reports, and alerts in Splunk SIEM.
  5. Splunk SIEM search language and syntax, including basic and advanced search commands.
  6. Using Splunk Enterprise Security (ES) to manage and analyze security events and incidents.
  1. Integrating third-party security tools and platforms with Splunk SIEM.
  2. Best practices for deploying and scaling Splunk SIEM in enterprise environments.
  3. Splunk SIEM use cases and real-world examples of how organizations have successfully implemented it for security operations.
  4. Future trends and developments in SIEM and Splunk SIEM.
  5. Q&A session to answer any remaining questions or concerns about Splunk SIEM and SIEM in general.