Learning Solutions

Learning Library

Courses & Certifications

Industry-leading certifications and training for continuous learning

Job Roles

Rigorous training content and labs for the most critical and in-demand job roles

Industry Frameworks

MITRE ATT&CK- and D3FEND-aligned learning paths

Explore Learning Library

Cyber Ranges

Enterprise Cyber Range & Versus

Set up tournaments and test red and blue team skills in a live-fire cyber range

Offensive Cyber Range

Train on the latest attack vectors to address vulnerabilities

Defensive Cyber Range

Prepare for the next attack with simulated real-world training environments

Watch a demo
Why OffSec

Organizations

Teams & Enterprises

Continuous learning & hands-on skills development for cybersecurity teams

Public Sector

Unique training for government agencies and educational institutions

Use Cases

Meet critical cyber workforce needs with OffSec's learning platform

Contact sales

Individuals

Attain a Certification

Prove critical knowledge & skills with an industry-standard certification

Get Hands-on Practice

Challenge yourself in real-world lab environments

Increase Career Prospects

Ready yourself for the next step in your cybersecurity career

Register now
Plans & Pricing

Organizations

Subscription Pricing

Provide continuous Learning Library access to build cyber workforce resilience

Cyber Ranges

Hands-on training in live-fire, simulation environments

Pentesting Services

Let OffSec conduct a comprehensive vulnerability assessment

Contact sales

Individuals

Pricing

Flexible options based on your learning goals

Learn One
Learn One

12-month access to a single course, related labs, and two exam attempts

Course & Certification Bundle
Course & Certification Bundle

90-day access to a single course, related labs, and one exam attempt

Learn Fundamentals
Learn Fundamentals

12-month access to introductory- and essential-level content

Proving Grounds Labs

OffSec-curated private labs to practice and perfect your pentesting skills

Register now
Partners
Global Partner Program
Partner Portal Login
Find a Partner

Become a Partner

Add OffSec to your list of training providers

Partner with us
Kali & Community
Join Our Community
Kali Linux
Community Projects
OffSec Discord
OffSec Live

Connect with us

OffSec office hours every Friday on Twitch

OffSec Twitch
Resources
2024 Global Infosec Award Winner

OffSec Wins Seven Global InfoSec Awards during RSA Conference 2024

Read blog

Accelerate secure development: Build a strong DevSecOps foundation

OffSec Learning Path: DevSecOps Essentials

Modern development demands security integrated into DevOps processes. This hands-on Learning Path will equip you with the essential skills to automate infrastructure with security in mind, optimize workflows, and accelerate software delivery. Learn to:

  • check

    Provision and manage infrastructure with Terraform

  • check

    Control access and permissions effectively by designing robust IAM systems

  • check

    Build secure and efficient deployment workflows by automating CI/CD pipelines

Get started
Hero image for Accelerate secure development: Build a strong DevSecOps foundation

Secure infrastructure, streamline delivery

This Learning Path will equip you to streamline development processes while prioritizing security. You'll learn to reduce deployment times, integrate robust security practices, and optimize cloud resource management for cost efficiency.

Who is this Learning Path for?

  • DevOps engineers aiming to master security-focused automation
  • Cloud engineers seeking to integrate security into infrastructure management
  • System administrators transitioning into a DevSecOps role
  • Developers interested in infrastructure and security aspects of DevOps

Learning objectives

  • Understand how security integrates into DevOps
  • Automate infrastructure provisioning and management
  • Employ industry-leading tools like Kubernetes and Vault
  • Ensure consistent and secure configurations

Key modules in the DevSecOps Learning Path

DevOps Processes

  • This Learning Module explores and defines terms, processes, and strategies related to DevOps.

Introduction to Infrastructure as Code (IaC)

  • Analyze Infrastructure as Code as a way to implement automated system provisioning. We'll explore declarative and imperative approaches to IaC, and we'll cover an introduction to writing Infrastructure as Code with AWS CDK.

Introduction to Terraform

  • We'll cover an introduction to writing Infrastructure as Code with Terraform, its syntax and analyze a tool to statically analyze Terraform code.

IAM Essentials

  • First part of the "Understanding Identity and Access Management in the Public Cloud" series. This modules covers the basic concepts and mechanisms that public cloud service providers use to implement identification, authentication and authorization in public cloud platforms.

IAM Design Principles

  • Second part of the "Understanding Identity and Access Management in the Public Cloud" series. This module covers some principles to keep in mind when designing IAM in public cloud.

Configuration Management Essentials

  • Entry level configuration management skills building with Ansible.

Secrets Management – Removing Hardcoded Secrets

  • Following an example application, we remove secrets hard coded into the application. We follow a sensible defaults pattern, where possible and use files and environment variables to load secrets.
View full syllabus

DevSecOps overview

10

modules

55+

hours of content (approx.)

8+

skills

DevSecOpsEssentials

Earning an OffSec Learning Badge

Showcase your growing DevSecOps proficiency! Upon completing 80% of the DevSecOps Essentials Learning Path, you'll receive an exclusive OffSec badge signifying:

  • DevSecOps proficiency: Demonstrate your fundamental secure DevOps knowledge and practical skills
  • Industry recognition: Adds a powerful OffSec credential to your skillset
  • Real-world readiness: Prove your ability to design and deploy secure infrastructure

 Why train your team with OffSec?

Actionable skills

Practice in realistic lab environments

Comprehensive approach

Covers IaC, IAM, secrets management, CI/CD security

Attacker mindset

Learn to anticipate vulnerabilities and build resilient systems

Start learning with OffSec

Intro
content

Learn <br/>Fundamentals Learn <br/>Fundamentals

Learn
Fundamentals

$799/year*

Access to all fundamental content for one year to prepare for our advanced courses.

All
access

Learn <br/>Unlimited Learn <br/>Unlimited

Learn
Unlimited

$5799/year

Unlimited OffSec Learning Library access plus unlimited exam attempts for one year.

Large teams

Learn <br/>Enterprise Learn <br/>Enterprise

Learn
Enterprise

Get a quote

Flexible terms and volume discounts available.

*Learn Fundamentals & Learn One subscription auto-renews unless canceled.
learn-fundamentals

Learn Fundamentals is designed to help learn essential cybersecurity concepts and provide the prerequisite skills necessary for our courses & certifications. Gain access to the growing library of fundamental learning paths and demonstrate achievement with assessments and badges.

Register now Learn more
What’s included

1 year of unlimited access to all fundamental content and OffSec curated Learning Paths

365 days of lab access

PEN-103 + 1 KLCP exam attempt

PEN-210 + 1 OSWP exam attempt

Easily upgrade at any time to a Learn One subscription

Financing for Learn Fundamentals and Learn One now available through Climb Credit with as little as 0% APR and up to 36 monthly payments.

State exclusions may apply. Learn more.

FAQ

Syllabus

  1. DevOps Processes
  2. Introduction to Infrastructure as Code (IaC)
  3. Introduction to Terraform
  4. IAM Essentials
  5. IAM Design Principles
  6. Configuration Management Essentials
  7. Secrets Management – Removing Hardcoded Secrets
  8. Secrets Management – Kubernetes and Hashicorp Vault
  9. Overview of CI/CD
  10. Hardening Applications in CI

What prerequisites are necessary for this Learning Path?

What skills will I develop?

Is this Learning Path suitable for beginners?

How is OffSec's DevSecOps training different?

Start your journey today

Individual

Individual

Ideal for

One learner

Register now

Team

Team

Ideal for

Fewer than 10 learners

Buy now

Have questions? Contact sales

Organization

Organization

Ideal for

10 or more learners

Contact sales
New to cybersecurity and want to get educated on fundamental content before signing up?

New to cybersecurity and want to get educated on fundamental content before signing up?

Check out CyberVersity - our free resource library covering essential cybersecurity topics.

Learn more