Tags:
Security can’t be an afterthought in today’s fast-moving DevOps world. SEC540TM: Cloud Security and DevSecOps AutomationTM has been redesigned to better equip you with the hands-on skills to embed security into the development pipeline, helping your team move fast without compromising safety. Whether you're a developer, security professional, or operations engineer, SEC540 provides practical, automation-driven solutions to strengthen cloud-native applications against real-world attacks. With cybercriminals increasingly targeting CI/CD pipelines—as seen in recent software supply chain breaches—learning how to harden infrastructure-as-code, implement security gates, and detect misconfigurations is more critical than ever.
This isn't just theory—SEC540 is built around immersive labs that mirror real-world DevSecOps challenges. You’ll automate security with GitHub Actions and Terraform, lock down AWS, Azure, and Kubernetes, and build a fully functional, security-enhanced pipeline you can bring back to your team. If you’re looking to level up your DevSecOps game and stay ahead of attackers, SEC540 is where you need to be.
What’s New in the SEC540 Course
Learn to navigate the Cloud Native Landscape by taking the newly updated SEC540 course, now featuring enhanced content and hands-on labs. The latest updates cover reusable CI/CD components, merge request checks, Kubernetes Role-Based Access Control (RBAC), Kustomize, OpenTelemetry, Grafana’s LTM stack, Prowler, and Defect Dojo—giving you the skills you need to secure workloads and automate security at every stage of development.
Advanced CI/CD Pipeline Capabilities
The 2024 Accelerate State of DevOps report highlights a faster-than-ever software delivery pace, with 41% of teams deploying systems more than once a week. As speed increases, the average change control lead time has dropped to less than a week. In conversations with students last year, one topic stood out:
“Our security team is struggling to keep up. How do we scale security?”
To illustrate how teams can scale security effectively, SEC540 now includes content on using GitHub Actions and GitLab CI/CD Components to create security tasks and store them in private repositories within your organization. Students will learn to incorporate security-focused GitLab CI/CD components into merge request pipelines and help reviewers make informed approval decisions.

Kubernetes User Job Roles and Access Control
The Cloud Native Computing Foundation (CNCF) 2024 report estimates that 80% of new and refactored applications are built for cloud-native platforms, with Kubernetes powering the infrastructure. Last year, SEC540 introduced six new modules and labs on cloud-native and Kubernetes security, focusing on configuration, defense, and auditing.
Feedback from students was fantastic—with requests for even more! This year, we’ve added deeper discussions on Kubernetes authentication and RBAC, including AWS EKS Access Entries and Azure Kubernetes Entra ID. Students gain hands-on experience writing Kubernetes RBAC policies for common job roles such as namespace admin, editor, viewer, log viewer, and security auditor.

Monitoring & Observability
As critical workloads move to public cloud and Kubernetes, observability and continuous monitoring are more important than ever. Securing a cloud-native environment requires collecting telemetry data across multiple clouds, Kubernetes clusters, nodes, and CI/CD runners.
Course author Ben Allen developed a monitoring stack using Grafana, Loki, Mimir, and Tempo to simulate a real-world monitoring vendor. Students will learn how to use OpenTelemetry to collect data from cloud workloads, Kubernetes clusters, and GitLab CI/CD, build dashboards, and generate security alerts.

Compliance and Policy as Code
Compliance and audit teams struggle to manage the massive amounts of security data generated in DevOps pipelines. Application Security Posture Management (ASPM) platforms can help aggregate, deduplicate, and triage vulnerability data, but many teams are not leveraging automation for continuous system health evaluation and enforcement and deployment of security policies in CI/CD pipelines.
Students will learn how to automate compliance using Defect Dojo to import findings from multiple CI/CD pipelines, create policy-as-code for GitLab repositories, and “pull the andon cord” to stop a release when security thresholds are breached.

Join Us in the Cloud Security Journey! These new topics and labs will help students secure modern workloads while keeping pace with today’s rapid software development cycles. We look forward to seeing you at an upcoming course or event!
Stay ahead in securing modern workloads with the latest topics and hands-on labs in SEC540TM: Cloud Security and DevSecOps AutomationTM. Whether you're looking to enhance your skills or explore the course with a free demo, now is the perfect time to take the next step. Register today or sign up for a free demo!"
And don't forget to check out this webcast series Securing Your Systems at Cloud Native Speed. (Scroll down to Webcasts for a complete list.)
Special thanks to the course authors and instructors for their contributions bringing the new course content to life: Eric Johnson, Ben Allen, Frank Kim, and Jon Zeolla.