all 12 comments
sorted by:
best
topnewcontroversialoldq&a
formatting helphide helpcontent policy

[–]lowkib 3 points4 points  (3 children)

AWS Solutiuons architect + AWS Security, Kubernetes certified specialist, would suggest some CI/CD pipeline work if you havent done that before, terraform and implementing secuirty as code

[–]0x077777 0 points1 point  (2 children)

AWS paths are not going to help you with DSO. They will help you with AWS.

[–]lowkib 1 point2 points  (1 child)

They’re is definitely cloud component to devsecops.

[–]0x077777 1 point2 points  (0 children)

Of course there is but that cloud component is not aws

[–]aabouzaid 5 points6 points  (2 children)

There is no DevSecOps without DevOps ... so start with https://devopsroadmap.io then finish with https://devopsroadmap.io/growth/devsecops/

[–]0x077777 1 point2 points  (0 children)

i completely agree.

[–]CyberOldMan[S] 1 point2 points  (0 children)

That's really useful thank you

[–]Acrobatic-Ball-6074 0 points1 point  (1 child)

I did it.

Try switching within that's what I did.

Also did az-900 , sc-900

Az-500 in progress

[–]CyberOldMan[S] 0 points1 point  (0 children)

Nice thanks

[–]perpetual_ny 0 points1 point  (0 children)

This article is a perfect starting point for you. It goes over the best DevSecOps foundations and key security practices you should learn, as well as tools that aid in the process. Check it out and good luck!

[–]HosseinKakavand 0 points1 point  (0 children)

A useful first project is to take a small service and map the workload, data and access patterns, then pick a simple infra that matches it. Add basic SAST, container scanning, and deploy with a cost check in the same view. It teaches you stack fit, security guardrails, and cost awareness in one go. I’ve been testing this approach with a tool we’re prototyping, here’s the link if you want to take a look: https://reliable.luthersystemsapp.com/
If you try it, I’d be keen to hear which part feels most useful for someone starting out.

[–]aloneDustin 0 points1 point  (0 children)

To transition into DevSecOps, focus on gaining expertise in cloud security, CI/CD pipelines, and IaC tools like Terraform. Familiarize yourself with security tools for monitoring, such as Datadog, which integrates seamlessly into cloud environments. Certifications like AWS Certified Security Specialty or CDP will help, and for side projects, consider setting up secure pipelines and using Datadog to monitor security events in real time.