A3SEC516: Leading Effective Vulerability Management Programs

Become an EPIC Affiliate

To view the class schedule you need to become an Affiliate

  • Largest “Guaranteed To Run” public technical training schedules available
  • Easy to become an Affiliate – no charge or fee
Become an EPIC Affiliate

already an Affiliate?  Login

About this Course

Course Overview
This course explores vulnerability management in cloud and DevOps environments, emphasizing proactive security through DevSecOps. Participants learn to use static, dynamic, and interactive testing tools within CI/CD workflows. The course covers securing apps, APIs, and cloud configs, along with cybersecurity leadership, incident management, and communicating risks across teams for better organizational security.
Review this course online at https://www.alta3.com/courses/leading-vm

Audience Profile

• Security Managers
• DevOps/DevSecOps Engineers
• IT Security Analysts
• Cloud Infrastructure Leaders

At Course Completion

What You’ll Learn
• Understand cloud infrastructure and DevSecOps security practices
• Manage vulnerabilities using risk-based approaches and CI/CD integration
• Apply DAST and SAST for application, API, and database security
• Develop leadership and communication skills in cybersecurity operations

Outline

Day 01 - Foundations of Vulnerability Management
• 💬 Lecture: Course Overview
What is Vulnerability Management
• 💬 Lecture: aaS
• 💬 Lecture: Assets
• 💬 Lecture: Cloud Assets
• 💻 Lecture + Lab: Assets
• 💬 Lecture: Grouping Assets
• 💬 Lecture: Scope
• 💻 Lecture + Lab: Configuration Management Database
• 💬 Lecture: Improving Current Vulnerability Management
• 💬 Lecture: Stakeholders
• 💬 Lecture: Requirements
• 💬 Lecture: Permissions
What Business Are You in
• 💬 Lecture: Mission Vision
• 💬 Lecture: History
Day 02 - Vulnerability Identification and Assessment
• 💬 Lecture: What are Vulnerabilities
• 💬 Lecture: Vulnerability Management Life Cycle
• 💬 Lecture: Identifying Threats
• 💬 Lecture: Scanning and IP Mapping
• 💬 Lecture: Cloud Vulnerability
• 💬 Lecture: Tools
• 💬 Lecture: Threat Intel Feeds
• 💬 Lecture: Bug Bounties
• 💻 Lecture + Lab: Bug Bounties and VDPs
• 💬 Lecture: Penetration Testing
• 💬 Lecture: Communication of Impact
• 💻 Lecture + Lab: NMAP a Vulnerable System
Day 03 - Contextualization, Reporting, and Remediation
• 💬 Lecture: Trusting Results
• 💬 Lecture: Communication of Threats
• 💬 Lecture: Risk Based Vulnerabilities
• 💬 Lecture: Continual Reporting
• 💬 Lecture: Metrics
• 💻 Lecture + Lab: Creating Reports with Excel
• 💻 Lecture + Lab: Creating Reports with Python Code
• 💬 Lecture: What is Patching
• 💬 Lecture: Image Management
• 💬 Lecture: DevOps and DevSecOps
• 💻 Lecture + Lab: DevOps
• 💻 Lecture + Lab: DevSecOps
Day 04 - Integrating Vulnerability Management
• 💬 Lecture: DevOps in Practice
• 💻 Lecture + Lab: Idempotent Ansible
• 💬 Lecture: Many Levers One Goal
• 💬 Lecture: Organizational Buy in for Change Management
• 💬 Lecture: Maintenance
• 💬 Lecture: Alternate Strategies
• 💬 Lecture: Communication Strategies
• 💬 Lecture: Meeting Strategies
• 💬 Lecture: Integration of Vulnerability Management
Day 05 - Building and Leading VM Teams
• 💬 Lecture: Leadership
• 💬 Lecture: Effective Leaders
• 💬 Lecture: Vulnerability Management Best Practices
• 💬 Lecture: Building a Team
• 💬 Lecture: Maintain Relevance
• 💬 Lecture: Enabling and Shaping Organizational Culture

Prerequisites