9 interactive modules · 50 min · knowledge checks + final assessment
Preview the course →Free interactive preview — no purchase requiredAbout this product
Tier 3 training for engineers, DevOps, SRE, and AppSec building or running CI/CD pipelines. Nine modules covering: what DevSecOps actually means; secure CI/CD pipelines; secrets and dependency scanning with SBOMs; SAST vs DAST; IaC scanning and cloud misconfiguration; container security; gates, approvals, and branch protection; remediation SLAs and risk-based prioritization; and a customizable DevSecOps checklist for your pipeline. Includes a 12-question final assessment with score-band interpretation.
What's included
- 9 modules (~50 min total) as HTML5
- 12-question final assessment with score interpretation
- Practical CI/CD security checklist
- Secrets / SCA / SAST / DAST / IaC / container scanning patterns
- SLA matrix + reachability-based prioritization framework
- Customizable for your security team contact and policy links
- SCORM export — coming soon
Who it's for
- Engineers responsible for CI/CD pipelines
- DevOps and Site Reliability Engineers
- AppSec teams hardening developer workflows
- Engineering managers running secure-coding programs
Available formats
Responsive, self-contained course — works on any device. Includes knowledge checks and a scored final assessment.
SCORM 1.2 & 2004 package for your LMS (Workday, Cornerstone, Docebo, Litmos, and more) — tracks completion and assessment scores.
Licensing
Single-organization license. Unlimited engineers within one company. Edit copy and add your brand.
Related products
API Security Training
A 40-minute course that walks the OWASP API Security Top 10 through real HTTP requests, vulnerable-vs-fixed handlers, and a downloadable API review checklist.
Secure Developer Training: AI Coding Risks
A 45-minute course for engineers using AI coding assistants — without shipping vulnerabilities.