practical-devsecops.com Recenzje 713

Great content, for beginner to mid-level DevSecOps engineers, exam could've been much better TBH

The labs were the difference makers. concepts got easy to understand using labs

Great content, easy to understand, great applicability

I recently completed the Certified DevSecOps Professional (CDP) certification, and I found it to be an exceptionally hands-on and well-structured program that delivers both breadth and depth across modern DevSecOps practices.

The course stands out for its practical, lab-driven approach. Rather than just theory, it dives into real-world tools and scenarios — including CI/CD pipeline integration, container security, static/dynamic analysis, Infrastructure-as-Code (IaC) scanning, and runtime security monitoring. Each module is supported with detailed walkthroughs, example scripts, and guided labs, which made the learning process not only interactive but also applicable to real environments.

What I appreciated most was the quality and completeness of the training materials. The documentation is thoughtfully organized and rich with diagrams, code snippets, and tool comparisons, making it easy to reference even after the course. Whether you're new to DevSecOps or looking to strengthen your implementation knowledge, the materials provide a solid foundation.

The certification reinforces security as a shared responsibility across development and operations, emphasizing automation and continuous security integration. Overall, it’s a valuable investment for professionals aiming to build or enhance secure DevOps pipelines in their organization.

Whether you are just bootstrapping your Supply Chain Security knowledge or working towards increasing the maturity of your org's processes this course is highly recommended!

As with most PDSO courses, this was jam packed with materials, hands on practice, tool exposures, threat modeling, attacks & defenses, and related framework information.

The coursework can mostly be tied to Code, Container, Cluster, and Cloud (aka “The 4C’s of Cloud Native Security).

There were a ton of cool things in this course. All of the hands-on tool exposure is a given. Besides that, I found the concept of software provenance to be a nice escalation from the SBOM-centric state that the industry has embraced (particularly after log4j).

It was also really cool to get increased exposure to frameworks such as SLSA, NIST SSDF, SCVSD, OpenSSF S2C2F, SCITT, DORA, and CII.

I have recently completed CAISP course. Well structured course! Cover vast areas include Red team activities, mitigations, security best practices. Best course for AI security.

The certification boosted my confidence. Previously, my experience was limited to Jenkins pipelines and a few licensed security tools. Through the labs, I gained practical hands-on to GitLab CI/CD, GitHub Actions, and a variety of FOSS tools. I also developed a much deeper understanding of how CI/CD and DevOps work in real-world environments.
The standout aspects of the program were the labs, the environment setup, and the support channel. Attempting the practice exam twice really helped me prepare for the certification exam.
One suggestion for improvement would be to include more challenges and tasks. I found that solving problems without relying on hints was especially valuable for my learning.
This certification has a positive impact on my organization’s AppSec vertical. We now have the capability to integrate security tools directly into project teams’ CI/CD pipelines.

CAISP is a great introductory course of AI Security. Great for anyone who is interested to learn the overall AI security fundamentals like LLM, RAG, NLP, prompt injection, and more as well as get certified with hands on labs.

The CDP course provides a great hands-on lab environment and well-structured material, making it ideal for learning and practicing DevSecOps in real-world scenarios.

The CAISP course provides a great combination of theory and practice. It covers various aspects of AI security.

I recently completed the Certified DevSecOps Professional (CDP) exam from Practical DevSecOps, and the experience was outstanding! The course material was comprehensive, well-structured, and covered all the essential aspects of DevSecOps, from CI/CD security to threat modeling and compliance.

The hands-on labs were particularly valuable, providing real-world scenarios that helped solidify my understanding. The instructors were knowledgeable and supportive, offering clear explanations and prompt assistance whenever needed.

Thanks to this training, I not only passed the CDP exam but also gained practical skills that I’ve already started applying in my work. Highly recommend Practical DevSecOps to anyone looking to advance their career in DevSecOps!

The course is highly relevant to the challenges security experts are facing today.

The material is up to date and give great understanding for business context and technical depth.

It enabled me to clearly understand and address emerging risks and threats related to AI.

I found the Certified DevSecOps Professional course to be highly practical and well-structured. The hands-on labs were the highlight, allowing me to apply security concepts directly into DevOps pipelines and tools. The content is up to date, relevant to real-world scenarios, and the progression of topics was smooth and logical. I appreciated the focus on real implementation rather than just theory. It’s a great course for professionals with some DevOps background who want to build strong DevSecOps skills. I definitely recommend it to anyone looking to bridge the gap between development, operations, and security.

The support community on mattermost is amazing, every query was responded to within a couple minutes. I waited at most 15 mins before a reply.
Course content is also very relevant and interesting. The labs offer an environment to experiment and explore the tools.

The course is well-designed with clear content and hands-on labs that help reinforce learning. The team is supportive and quick to respond. Lab access is available for 3 months, which encourages focused learning. Overall, a great resource for building DevSecOps skills.

I learned how to embed security to Devops and that was amazing part.

I completed the CCNSE certification after 120+ hours of intensive hands-on labs. This isn't your typical multiple-choice exam - you're actually attacking and defending live Kubernetes clusters, covering container escapes to supply chain attacks.

What made this experience great: The practical approach is outstanding. Instead of memorizing theory, you're solving real-world security scenarios. The 6-hour practical exam was challenging but fair - it truly tests your ability to think like both attacker and defender.

What they're doing exceptionally well:

1. Real-world lab environments that mirror actual threats
2. Comprehensive coverage of cloud-native security domains
3. Exceptional customer support throughout my extended learning journey - the team was patient and encouraging despite my stop-and-start approach due to personal challenges
4. Quality materials focusing on fundamental security principles
5. Teaching you to switch between attacker/defender mindsets

Personal breakthrough: During the exam, I made zero progress for 1.5 hours and thought I'd fail. The breakthrough came when I embraced the attacker mindset: "What would an attacker do here?" Once I identified vulnerabilities, implementing defensive controls became clear.

Key takeaway: Complex cloud-native security comes down to fundamentals - least privilege, defense in depth, secure design. Understanding attackers clarifies defensive strategies.

This certification transformed my professional approach to cloud security with immediately applicable skills.

Complete course focus on the practice, covering all the domains.

Course has real world examples and scenarios, very clear and systematic approach.

The Certified Cloud-Native Security Expert course proved to be the best of the courses provided by Practical DevSecOps from those I've covered so far. The course serves as a good introduction to Cloud-Native tools, but also covers enough depth to allow those with some experience to potentially learn new things. With the variety covered as well, proactive learning after the course has been completed can be performed to further one's depth of knowledge in many areas, not only Cloud-Native specific.

Since the field of Cloud-Native is quite large, not every topic is discussed exhaustively. This is evident in the attacking Kubernetes section, where not all attack paths are fully explored. Instead, the per-requisite knowledge needed to discover vulnerabilities and attack paths are provided, so that you can build on with that knowledge.

The course should be approached with a pro-active mindset to make the best of it. This means asking questions and exploring topics / tools in further detail when you do not fully understand something. Although this is the approach that should be taken when learning, the course is somewhat lengthy, and it is easy to overrun the 2 months of lab time if you have a full time job. Some balance should therefore be taken with further exploration during the course. Where balance is not required is with note taking, as this will get you very far if you keep good notes!

Overall, the course was educational. The first few chapters will cover very basic information, but later chapters will start to cover the depth I've mentioned.