QA's newly released course "DevSecOps Hands-On" meets the growing demand from organisations needing to secure data used by applications developed using an agile DevOps model.

According to Paul Schwarzenberger, course developer and associate trainer at QA, "traditional security approaches are inefficient and largely ineffective for organisations using Agile, DevOps and Cloud - as illustrated by the massive amount of recent data breaches."

Richard Beck, Director of Cyber at QA, added:

"It's essential that we introduce DevSecOps into the application development lifecycle as early as possible, this collaboration will minimise vulnerabilities, reduce risk and bring security closer to business outcomes."

DevSecOps is a new approach which embeds security to each DevOps team, with automated security testing at all stages of the software development lifecycle.

Security infrastructure, policies, controls, compliance, audit and even secure operations are all coded and automated, with almost no manual processes.

This three-day course introduces the concepts of DevSecOps and gives delegates practical hands-on experience using DevSecOps tools, covering topics ranging from application security and continuous integration pipelines, to cloud security, containers, serverless, and integrated security tests.

DevSecOps Hands-On doesn't just cover technology; we look at a new approach to Security Operations, and explore people aspects such as culture, organisational structure, skills development, team effectiveness and recruitment approaches.

Experience in cyber security or DevOps is beneficial but by no means essential. Delegates will increase their knowledge and understanding of DevSecOps regardless of ability and do not need to be coding experts to complete the labs.

Due to the interactive nature of the course and labs, DevSecOps Hands-on will be delivered on site at QA training centres and is not suitable for online learning.


Visit for more information on how they can help solve the Cyber Security skills gap.

About the author

Paul Schwarzenberger is a Cloud Security Architect and DevSecOps with over 15 years experience leading a wide range of cyber security engagements for customers across sectors including UK Government and financial services. Paul uses an agile DevSecOps approach to lead the implementation and migration of critical systems to public cloud, with demanding security and compliance requirements for protection of personal data, detection and prevention of cyberattacks and financial fraud. He developed courses for QA including “Cloud Security Architecture” and the GCHQ accredited "Practitioner Certificate in Cloud Security", and has delivered both courses several times per year with consistently positive feedback from delegates. Paul has numerous security qualifications and certifications including MSc Information Security Royal Holloway with distinction, CCSP, CISSP and AWS Certified Security Speciality.

Related Articles