OpenHack DevSecOps (OHDVSCO)



To be successful and get the most out of this OpenHack and to avoid any delays with downloading or installing tooling, you are encouraged to have the following ready to go.

Course Objectives

During the “hacking” attendees will focus on leveraging available tools/tasks in Azure DevOps to enable best-practice oriented scenarios such as:

  • Managing Secrets
  • Enabling static analysis/ dependency/ container scanning
  • Dynamic Application Security Testing
  • Workflow and organization policy enforcement

By the end of the OpenHack, attendees will have built out a technical solution that enables secure development workflow taking into account recommended best practices, all found through real world engagements with S500 and Hi-Po partners.

Course Content

This OpenHack enables attendees to add security-oriented tooling into their workflow and CI/CD tasks. This OpenHack simulates a real-world scenario where a development team is concerned, they might have leaked information in their web app that could expose their site to being hacked. This discovery has led the team to leverage DevSecOps practices to increase their security posture and catch issues early in the development process.


Microsoft Azure DevOps, Azure Key Vault, Azure Automation, Microsoft Security Code Analysis, Azure Kubernetes Service, Azure Container Registry, Azure Active Directory, Third Party Sonar Cloud, Aqua, Fossa, White Source,

Online Training
Modality: L

Duration 3 days

Classroom Training
Modality: C

Duration 3 days

Currently there are no training dates scheduled for this course.