# Practical DevSecOps
*Also known as PDSO*

- Website: https://www.practical-devsecops.com
- Agent profile: https://directory.haycion.ai/agents/practical-devsecops-com

> Certification-driven training and consulting to advance DevSecOps and secure software development.

Practical DevSecOps is a training and certification organization that helps individuals and teams build secure software through practical education and certification programs in DevSecOps, cloud-native security, API security, and software supply chain security. The organization offers learning paths, certification tracks, enterprise training, consulting services, and resources to accelerate the adoption of secure development practices and continuous security across the software lifecycle.

**Mission:** To empower professionals and organizations to safely integrate security into development and operations through practical education and certifications.

## Products & Services

### [Certified DevSecOps Professional (CDP)](https://www.practical-devsecops.com/certified-devsecops-professional/)
*Product*
Gain essential skills for integrating security into development and operations workflows.

- **DevSecOps Fundamentals** — Builds Core DevSecOps Knowledge
- **CI/CD Security Emphasis** — Enhances CI/CD Workflow Security
- **Security as Code Focus** — Integrates Security as Code

### [Certified DevSecOps Expert (CDE)](https://www.practical-devsecops.com/certified-devsecops-expert/)
*Product*
Gain expertise in integrating security practices into development and operations through specialized training.

- **OS Hardening** — Enhance OS Security Effectively
- **Infrastructure and Code Compliance** — Ensure Compliance Across Infrastructure
- **Vulnerability Management** — Implement Proactive Vulnerability Management
- **Automation** — Streamline Security Through Automation

### [Certified AI Security Professional (CAISP)](https://www.practical-devsecops.com/certified-ai-security-professional/)
*Product*
Gain expertise in securing AI systems through comprehensive training.

- **Hands-on AI/LLM Security** — Apply Security Knowledge
- **AI Threat Modeling** — Model Threats Effectively
- **OWASP Top 10 Coverage** — Understand Key Vulnerabilities
- **Supply Chain Risk Awareness** — Mitigate Supply Chain Risks

### [Certified Cloud Native Security Expert (CCNSE)](https://www.practical-devsecops.com/certified-cloud-native-security-expert/)
*Product*
Enhance cloud-native security skills with a practical focus on Kubernetes and authentication.

- **Kubernetes Security Focus** — Enhance Kubernetes Security Skills
- **Cloud-native Security Concepts** — Master Cloud-native Security Principles
- **Authentication Security** — Improve Authentication Security

### [Certified Container Security Expert (CCSE)](https://www.practical-devsecops.com/certified-container-security-expert/)
*Product*
Gain expertise in building secure containers and identifying vulnerabilities.

- **Secure Container Images** — Build Secure Container Images
- **Vulnerability Analysis** — Analyze Image Vulnerabilities

### [Certified Threat Modeling Professional (CTMP)](https://www.practical-devsecops.com/certified-threat-modeling-professional/)
*Product*
Develop skills for identifying and mitigating security threats in software applications.

- **STRIDE Threat Modeling** — Utilize STRIDE Framework
- **DREAD** — Understand Threat Rating
- **PASTA Threat Modeling** — Apply PASTA
- **MITRE/Agile/Privacy** — Implement Best Practices

### [Certified API Security Professional (CASP)](https://www.practical-devsecops.com/certified-api-security-professional/)
*Product*
Acquire essential skills to secure and audit APIs effectively.

- **API Security and Auditing** — Enhance API Security
- **Vulnerability Assessment** — Conduct Thorough Assessments

### [Certified Software Supply Chain Security Expert (CSSE)](https://www.practical-devsecops.com/certified-software-supply-chain-security-expert/)
*Product*
Enhances organizational capability to protect against software supply chain attacks.

- **Attack Protection Planning** — Plan Attack Protections
- **Supply Chain Risk Assessment** — Conduct Risk Assessments
- **Hands-on Training** — Engage in Hands-On Training

### [Certified Security Champion (CSC)](https://www.practical-devsecops.com/certified-security-champion/)
*Product*
Enhance pipeline security by identifying and fixing code vulnerabilities.

- **Code Vulnerability Remediation** — Fix Code Vulnerabilities
- **Pipeline Security Enhancement** — Enhance Pipeline Security

### [Learning Path](https://www.practical-devsecops.com/learning-path/)
*Platform*
Guided learning experiences for certifications in DevSecOps and related fields.

- **Certification Alignment** — Aligns With Certifications
- **Structured Learning Tracks** — Facilitates Structured Learning
- **Flexible Learning Options** — Choose Learning Modality
- **Real-World Scenarios** — Applies Knowledge Practically

### [DevSecOps University](https://www.practical-devsecops.com/devsecops-university/)
*Platform*
Offers a comprehensive platform for DevSecOps training and certifications.

- **Course Access** — Extensive Training Offerings
- **Certification Prep** — Supports Certification Success
- **Hands-on Learning** — Enhances Practical Skills
- **Learning Paths** — Guided Learning Experience
- **Enterprise Training** — Customizable Training Solutions

### [Consulting Services](https://www.practical-devsecops.com/consulting-services/)
*Service*
Enhance your security posture with expert DevSecOps consulting services.

- **Security Program Advisory** — Strategic Advisory Services
- **Tailored Solutions** — Delivers Customized Solutions
- **Implementation Guidance** — Provides Expert Guidance
- **Training Integration** — Empowers Your Team

## Market Segments

- **DevSecOps certification and training**: Courses and certifications that teach embedding security into CI/CD, Security as Code, automation, OS hardening, vulnerability management, and secure SDLC practices.
- **Cloud-native and container security training**: Training focused on securing cloud-native platforms and container workloads, including Kubernetes hardening, authentication, and secure container image practices.
- **API security certification and auditing**: Instruction on securing, testing, and auditing APIs to prevent common vulnerabilities and implement effective API defenses.
- **Supply chain security training**: Programs teaching assessment and mitigation of supply chain risks, attack protection planning, and hands-on defenses against supply chain attacks.
- **AI and LLM security training**: Hands-on courses addressing threats to AI/LLM models, OWASP Top 10 for AI, model attacks, AI threat modeling, and mitigations including supply chain considerations for AI.
- **Threat modeling and secure architecture training**: Training on threat modeling methodologies (STRIDE, PASTA, DREAD, MITRE) and applying threat models and privacy methods to secure design and architecture.
- **Enterprise training and advisory for security programs**: Tailored enterprise training, implementation guidance, and advisory services to develop security programs, integrate training into organizations, and align teams to secure practices.
