Module 1 Summary
Join over 3 million cybersecurity professionals advancing their career
Sign up with
Required fields are marked with an *
Already have an account? Sign In »
4 hours 39 minutes
So I've reached the end of this first module. This is less than one point for and it's just gonna get where the summarize what we've learned so far in the course.
So we talked a lot about maturity. Plan to integrate def SEC ops all keep that
that idea through the whole course. And just later on, as we get to the AWAS maturity model,
add a little more concrete thoughts to it.
Um, tough for the major steps of the def SEC ops pipeline pipeline on Lee, from development to the static analysis all the way to operations again, we'll keep that theme going, and each one of the modules is laid out it for each one of those major steps.
He talked about the challenges not just from the developer side, but for the auditor is the operations. And each one has to understand
the other groups
problems. Oh, our challenges that they have to overcome. But you really need again this this champion at this at the top executive level, to say to the organization, This is what we're doing. Everybody get in line.
And we talked a little bit about Turning Dev ops into def. SEC ops and specifically looking at the using the columns framework, which is specific to Dev ops. But we can use that to see Is your organization ready
to automate the security portion and integrate into your debit dev ops lifecycle
and kind of showed that that def sec ups pillars from the duty enterprise reference model just to again get you thinking about Let me look down each one of these pillars and say,
Do I have this? And with within my organization, or can I Is this something that's gonna be easy to do and what I need to find out what I need to put in place in order to meet some of these major pillars
does have a final quiz just to wrap up the module. So which answer is not a component of the com's framework?
measurement, or sherry?
Which one of the the acronyms is not correct here,
though the sea and calmed his culture, the Lord's Ace much shift their culture to integrate security into the Dev Ops pipeline? It continuity is probably a good idea, but it's it's culture is the most important part