Hacker Summer Camp Special: Get 40% OFF with code HACKERCAMP40. Limited time only!
X
X
X

Live Online

4
Live sessions
3
Hours per Session
52
Weeks access
16
Lab Exercises

AppSecEngineer™ Certified DevSecOps Engineer

2 Certification Exam Attempts
All Recordings of Live sessions
Unlimited access to all 2000+ labs and 500+ courses on AppSecEngineer platform for 1 year
Ideal for
Developer
DevOps
Security Architect
Sign up now
Coming Soon
Sign up now

Before this bootcamp

  • Security scans run after the code is written (and rarely get fixed)
  • Cloud and container risks stay invisible until they cause problems
  • AI and LLM apps ship without clear security checks
  • Security feels separate from how engineers build and ship

After this bootcamp

  • Scan source code, containers, and cloud configs early, and fix issues before they go live
  • Catch and prevent common mistakes in Kubernetes and CI/CD pipelines
  • Add basic security checks to LLM and GenAI workflows
  • Use tools like Semgrep, ZAP, Trivy, and Prowler with confidence
  • Know how to explain what’s secure, what’s not, and what needs to happen next

Know your Trainer

Vishnu Prasad K

Vishnu Prasad is a DevSecOps Lead at we45. A DevSecOps and Security Automation wizard, he has implemented security in DevOps for numerous Fortune 500 companies. Vishnu has experience in Continuous Integration and Continuous Delivery across various verticals, using tools like Jenkins, Selenium, Docker, and other DevOps tools. His role sees him automating SAST, DAST, and SCA security tools at every phase of the build pipeline. He commands knowledge of every major security tool out there, including ZAP, Burp, Findsecbugs, and npm audit, among many others. He's a tireless innovator, having Dockerized his entire security automation process for cross-platform support to build pipelines seamlessly. When AFK, he is either pouring over Investment journals or in the swimming pool.
Learn more about this trainer ➜

Trained at

Day 1

August 29, 2025
10am to 1pm ET

Intro to DevSecOps and SAST (Static Application Security Testing)

3 hour live session

Main Takeaways
  • What DevSecOps is and why it matters
  • Integrating security early into the SDLC
  • How SAST tools analyze source code for vulnerabilities
  • Common SAST tools (e.g., SonarQube, Semgrep)
Skills Gained
  • Understanding DevSecOps principles and CI/CD security
  • Running basic SAST scans on source code
  • Identifying and fixing security issues in code (e.g., SQLi, XSS)
  • Interpreting and acting on SAST scan reports

Day 2

September 5, 2025
10am to 1pm ET

SCA (Software Composition Analysis) and DAST (Dynamic Application Security Testing)

3 hour live session

Main Takeaways
  • Detecting vulnerable dependencies with SCA (e.g., SBOMs)
  • Running black-box tests using DAST tools
  • Difference between SAST, SCA, and DAST
  • Understanding OWASP Top 10 from a runtime view
Skills Gained
  • Using tools like OWASP Dependency-Check and Trivy
  • Running DAST tools (e.g., OWASP ZAP)
  • Reading dependency and runtime scan results
  • Fixing third-party package risks

Day 3

September 12, 2025
10am to 1pm ET

Container Security and Kubernetes Security

3 hour live session

Main Takeaways
  • How containers can be attacked (image tampering, privilege escalation)
  • Securing Docker images and registries
  • Kubernetes threat model basics
  • Using tools like Kube-Bench, KubeArmor, and Falco
Skills Gained
  • Scanning and hardening Docker images
  • Applying container runtime security (AppArmor, seccomp)
  • Writing Kubernetes security policies (RBAC, PodSecurityPolicies)
  • Detecting container threats in real time

Day 4

September 19, 2025
10am to 1pm ET

Cloud Security and LLM (Large Language Model) Security

3 hour live session

Main Takeaways
  • Shared responsibility model in cloud (AWS)
  • Common cloud misconfigurations and how to detect them
  • Basics of securing AI/LLM applications (prompt injection, data leakage)
  • Cloud security posture management (CSPM)
Skills Gained
  • Using tools like Guarduty and Prowler
  • Understanding IAM, S3 misconfig, and network security in cloud
  • Identifying risks in LLM-based systems
  • Applying guardrails for secure LLM development

Technical Prerequisites

Bring a laptop with an updated browser, an email address without domain restrictions, and a network that doesn’t block traffic or tools.

To get the most out of this bootcamp, you should be comfortable with:

  • Basic coding (Python, JavaScript, or Java is ideal)
  • Using Git and GitHub (cloning, branching, pull requests)
  • Navigating the command line (curl, cat, grep, etc.)
  • Understanding how web apps work (HTTP, APIs, client/server)
  • Building and running Docker containers
  • Writing or reading basic Kubernetes configs (YAML, Pods, kubectl)
  • Knowing your way around cloud services like S3, EC2, and IAM

You’ll also need:

  • A free GitHub account (for CI/CD labs)
  • A free GitLab account (for pipeline labs)

Everything that comes with your bootcamp seat

AppSecEngineer Pro Plus Plan
Free access to the full Pro Plus AppSecEngineer subscription: for a whole year: courses, learning paths, challenges, and all cloud sandboxes included.
GenAI sandbox access
Get hands-on with LLMs in our secure AI playground. No ChatGPT+ account needed.
Certificate & CPE credits
Finish the bootcamp and earn a certificate you can use for career bragging rights and ISC2 CPE credits (1 credit per hour of training).
Live bootcamp access
Join live virtual sessions led by trainers who’ve seen real-world incidents and built secure systems. Ask questions, solve problems, and stay sharp.
One-year replay access
Can’t make it live? No stress. You’ll get full access to the session recordings and labs for one year.
Private support channel
Join your own Discord channel with the trainer and bootcamp peers. Ask questions and get answers for 60 days after your bootcamp begins.

Sign up. Show up. Skill up.

AppSecEngineer™ Certified DevSecOps Engineer
$999
Sign up now

Remarkable training. Enjoyed the detailed lab and walk around help from the team. Great work!

BlackHat USA 2023 trainee, DevSecOps lead, Fortune 100 fintech

..Unlike other courses in the past, allowed for working alongside the showing of labs. The content in the labs were very useful in reinforcing the material being shared.... will be able to share upon my return to work.

BlackHat USA 2023 trainee, Head of Product Security, Large software product company

Dedicated team, delivered content from scratch to advance. Interactive & open to queries.

BlackHat USA 2023 trainee, Senior DevSecOps Engineer, Large software product company

The instructor is great & he cares to make sure people understand the material. Great class!

DefCon 2024 trainee

Vishnu is clear and concise. Content was very easy to follow, labs were great. Vishnu is a great instructor, I would take him again.

Auy Nguyen, DefCon 2024 trainee

Taking some serious skills back to the team. Great labs, glad i have access for a while.

OWASP trainee 2024

FAQs

Do I get a certificate?
Can I use the certificate for CPE credits?
What if I miss a session?
Is this beginner-friendly?
What if I have a question?
Do I need to install anything?
Is this just another webinar?

Can't attend this bootcamp?

Get informed about future bootcamps!
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.

Ready to Elevate Your Security Training?

Empower your teams with the skills they need to secure your applications and stay ahead of the curve.
Get Our Newsletter
Get Started
X
X
About Us
Privacy Policy


United States11166 Fairfax Boulevard, 500, Fairfax, VA 22030

APAC
68 Circular Road, #02-01, 049422, Singapore


For Support write to help@appsecengineer.com

FOLLOW APPSECENGINEER
SOC2 Type2 Compliant
4.3
Copyright AppSecEngineer © 2025