Become a Certified  DevSecOps Engineer E|CDE

EC-Council Certified DevSecOps Engineer

EC-Council’s Certified DevSecOps Engineer (E|CDE) is a hands-on, instructor-led comprehensive DevSecOps certification program that helps professionals build the essential skills needed to design, develop, and maintain secure applications and infrastructure.

    • The E|CDE covers both on-premises and cloud-native environments (including AWS Cloud and Microsoft Azure) with 80+ labs from the creators of the world’s number one ethical hacking program, the Certified Ethical Hacker (C|EH).
  • Designed and developed by SMEs with contributions by experienced DevSecOps professionals from around the world.

Why EC-Council Certified DevSecOps Engineer E|CDE?

Key USPs of E|CDE

C|CSE is a unique course that stands apart from other cloud computing programs.

Lab-intensive program
with more than 80+ skill-based labs

Covers both application and
infrastructure DevSecOps of on-premises and cloud-native platforms

Covers security aspects
and tools integration at
all eight DevOps stages

Mapped with real-time job
roles and the responsibilities
of DevSecOps Engineers

How E|CDE Can Secure Cloud Environments

Cloud security usually happens outside the software development life cycle. EC-Council’s E|CDE program enables teams to address cloud security issues via CI/CD pipelines and fix issues directly at the source.

How E|CDE Can Secure AWS Cloud

  • AWS offers a set of tools and services to identify vulnerabilities at different stages of the development life cycle.
  • The E|CDE program covers how to integrate all the necessary AWS tools to identify security vulnerabilities at various stages of the DevSecOps pipeline.

Certified Cloud Security Engineer (CCSE)
Course Outline

Module 01: Understanding DevOps Culture

  • Understand the Evolution of the Software Development Life Cycle
  • Understand what DevOps is
  • Learn to Implement DevOps in an On-Premises Environment
  • Learn to Implement DevOps in an AWS Cloud Native Environment
  • Learn to Implement DevOps in an Azure Cloud Native Environment
  • Understand the Frameworks and Maturity Model in DevOps
  • Evaluate Security Silos in DevOps

MODULE 02: Introduction to DevSecOps

  • Addressing DevOps Process Security Bottlenecks and Challenges
  • Understand DevSecOps
  • Understand DevSecOps Culture
  • Understand Continuous Security in DevSecOps
  • Understand the DevSecOps Pipeline
  • Understand DevSecOps Strategy
  • Understand DevSecOps Tools

Module 03: DevSecOps Pipeline-Plan Stage

  • Understand Continuous Threat Modeling in the DevSecOps Pipeline
  • Learn to Integrate Threat Modeling Tools
  • Learn to Gather Security Requirements from Business Functionality
  • Address Technical Security Debts
  • Learn to Run Pre-Commit Checks in the Plan Stage
  • Understand Secure Code Training and Awareness
  • Understand Security Tools Training

Module 04: DevSecOps Pipeline-Code Stage

  • Learn to Integrate Security Plugins in IDEs
  • Learn to Configure and Manage Code Scanning for GitHub Repository
  • Learn to Integrate and Scan Source Code Repository
  • Learn to Integrate Secret Management Tools
  • Learn to Integrate Software Composition Analysis (SCA) Tools
  • Learn to Integrate SCA Tools with IDE
  • Learn to Integrate SCA Tools with Source Code Repository
  • Learn to Integrate SCA Tools with Travis CI, Jenkins, and GitLab
  • Learn to Integrate SCA Tools with AWS
  • Learn to Integrate SCA Tools with Microsoft Azure

Module 05: DevSecOps Pipeline-Build and Test Stage

  • Learning to Integrate SAST Tool
  • Learning to Integrate SAST Tool with AWS Cloud
  • Learning to Integrate SAST Tool with Microsoft Azure
  • Conducting Manual Secure Code Review
  • Learning to Integrate DAST Tool
  • Learning to Integrate DAST Tool with AWS
  • Learning to Integrate DAST Tool with Microsoft Azure
  • Learning to Integrate IAST Tool
  • Understanding Security Testing Framework

Module 06: DevSecOps Pipeline-Release and Deploy Stage

  • Learn to Integrate RASP Tool
  • Learn to Conduct Penetration Testing
  • Learn to Integrate Vulnerability Scanning Tool
  • Understand Bug Bounty Program
  • Learn to Integrate Threat Detection Tools
  • Understand Infrastructure Deployment using Infrastructure as Code (IaC)
  • Learn Infrastructure Provisioning as Code (IaC) using Terraform
  • Learn to Integrate AWS CloudFormation
  • Learn to Integrate Configuration Orchestration Tools: Ansible
  • Learn to Integrate Configuration Orchestration Tools: Chef
  • Learn to Integrate Configuration Orchestration Tools: Puppet
  • Learn to Integrate Configuration Orchestration Tools: Azure Resource Management

Module 07: DevSecOps Pipeline-Operate and Monitor Stage

  • Understand Security Activities in the Operate and Monitor Stage
  • Learn to Scan Infrastructure as Code (IaC) for Vulnerabilities
  • Learn to Scan Infrastructure for Vulnerabilities
  • Learn to Secure Containers
  • Learn to Integrate Container Vulnerability Scanning Tools
  • Learn to Secure Jenkins
  • Learn to Integrate Compliance as Code (CaC) Tools
  • Learn to Integrate Logging, Monitoring, and Alerting Tools
  • Understand Monitoring Features in AWS
  • Understand Monitoring Features in Azure
  • Learn to Integrate WAF
  • Learn to Integrate Continuous Feedback

E|CDE Exam Information

Exam Title

EC-Council Certified
DevSecOps Engineer (E|CDE)

Exam Code

312-97

Number of Questions

100

Duration

4 hours

Availability

EC-Council Exam Portal

Test Format

Multiple Choice

Passing Score

70.00%