DevSecOps Gamified Learning
back to our services...
Most security vulnerabilities exist because developers don't understand what not to do! Our DevSecOps labs don't focus on the specifics. We teach the underlying concepts that make systems vulnerable, such as abusing CI/CD pipelines through simple oversights.
We build our labs around the same technology that your business uses, reducing friction so your developers learn faster.
Our environment in aws is designed to be secure, with each student getting a completely isolated environment to guarantee a seamless experience, at any scale.
How is it delivered?
We deliver our training in a hybrid format, bringing together concise instructor-led sessions and fun, interactive lab challenges.
We can deliver our training on-site in the UK, or virtually anywhere in the world.
Who is it for?
Our training is built for developers, security teams and DevOps professionals.
-
Developers will learn how simple misconfigurations can have devastating consequences
-
Security teams will be able to dive into breaking and exploiting modern development technology, like Jenkins and Kubernetes
-
DevOps teams will learn exactly why they should protect development environments and modern deployment tools
Why build security awareness?
Most security courses dive into the specifics of attacking or defending systems. We believe it’s better, and more engaging, to instead teach the concepts that lead to security issues.
93% of cyber security incidents are due to human error, not super-complex technical vulnerabilities. If your teams can think like hackers, they’ll intuitively build more secure systems.
How much does it cost?
Our courses costs vary depending on the delivery method (on-site or virtual) and which concepts you would like to pick up. Courses can be as low as £200 per delegate.
How do we build a course around your tech stack?
Matching your tech stack (as close as we can) is hugely important to us. We want your staff to be able to spend their time learning how to break things (and therefore make them unbreakable) and not learning new technologies.
Our team will work with you to identify what technology you are using in your organisation and then build course challenges to suit. The concepts don’t change, but the learning requires much less effort.
What about none-technical audiences?
Our courses are designed to make developers, DevOps engineers and security professionals better understand each other and the common misconfiguration they are likely to make. That being said, we do have some challenges designed for none-technical management and the instructor-led content will be suitable for all.
Want to learn more?
WHAT OUR CLIENTS SAY
Punk Security provided exceptional DevSecOps training for our engineers here at Sage and delivered an outstanding talk at our Securing Sage Summit.
Their expertise and knowledge were evident throughout the sessions.
Not only were they efficient and great to work with, but their presentation was also the highest rated session of the entire event. We highly recommend Punk Security for any security-related needs.
Our team at Illumio recently participated in a custom CTF event hosted by Punk Security, and it was a great experience! The CTF was not only challenging but also immensely educational, especially in the realm of cloud security principles.
The challenges presented during the CTF were designed to cover a broad spectrum of cloud security topics. This approach allowed our team to dive deep into practical scenarios that tested our skills and pushed us to explore new strategies and technologies. The balance between difficulty and learning outcomes was perfectly struck, ensuring that each team member, regardless of their prior level of expertise, found the event to be rewarding.