Course Overview: Duration, Scheduling, Content, and Key Concepts (GitLab Registry, DSOMM, and More)
Welcome to the definitive guide for anyone interested in the Practical DevSecOps Training portfolio. Whether you’re a seasoned security engineer, a developer eager to embed security into CI/CD pipelines, or a manager planning a learning path for your team, this article consolidates everything you need to know about course length, how to schedule your sessions, the core topics covered (including the GitLab Registry and DSOMM), and answers to the most common questions.
Table of Contents
What Is the GitLab Registry?
The GitLab Container Registry (often referred to as the GitLab Registry) is GitLab’s built‑in, private Docker image repository. It enables you to:
-
Store and version Docker, OCI, and other container images directly alongside your source code.
-
Securely share images within your organization without relying on external registries.
-
Integrate seamlessly with GitLab CI/CD pipelines, allowing automated build‑push‑deploy workflows.
Practical Example
Imagine you have a microservice written in Node.js. With the GitLab Registry, you can:
-
Build the Docker image in a CI job (
docker build -t $CI_REGISTRY_IMAGE:latest .). -
Push the image to the registry (
docker push $CI_REGISTRY_IMAGE). -
Deploy the image to a Kubernetes cluster using the same image reference, ensuring the exact version you built is the one that runs in production.
This tight integration reduces context switching, improves traceability, and enforces security policies (e.g., image scanning) directly within the GitLab ecosystem.
Course Duration & Continuing Professional Education (CPE) Credits
All mandatory modules across our Practical DevSecOps Training catalog share a standardized learning commitment:
-
Total instructional time: 36 hours of self‑paced or instructor‑led content.
-
CPE value: 36 CPE points, aligning with most industry certifications (e.g., CISSP, CISM) that require ongoing education.
How the 36 Hours Are Structured
| Module | Approx. Hours | Core Topics |
|---|---|---|
| Foundations of DevSecOps | 6 | Culture, risk management, compliance |
| Secure CI/CD Pipelines | 8 | GitLab CI, secrets management, static analysis |
| Container Security | 6 | GitLab Registry, image scanning, runtime protection |
| Cloud‑Native Security | 8 | IaC scanning, service mesh, zero‑trust |
| Governance & Metrics | 4 | Auditing, reporting, CPE tracking |
| Capstone Lab | 4 | End‑to‑end secure delivery simulation |
You can complete the modules at your own pace, but most learners finish within 5–6 weeks when dedicating ~6–8 hours per week.
How to Schedule a Course (Step‑by‑Step)
Scheduling your DevSecOps training is straightforward. Follow the steps below to lock in a date and time that works for you or your team.
-
Visit the Member Portal
Open your browser and navigate to:
https://members.practical-devsecops.training/ -
Select “Schedule” for Your Desired Course
-
Browse the catalog (e.g., Certified Devsecops Proffesional(CDP).
-
Click the Schedule button next to the course you want.
-
-
Choose Date & Time
-
Use the calendar widget to pick an available start date.
-
Select a time slot that matches your timezone.
-
-
Confirm the Booking
-
Click Schedule the Course.
-
You’ll receive a confirmation email
-
-
Prepare Your Environment
- Ensure you have a stable internet connection
Where DevSecOps Maturity Model (DSOMM) Is Covered
The DevSecOps Maturity Model (DSOMM) is woven throughout the curriculum, providing a roadmap for assessing and advancing an organization’s security posture. Here’s how it appears in the course structure:
| Chapter | DSOMM Focus | Key Takeaways |
|---|---|---|
| Chapter 1 – Foundations | Level 1: Initial | Understanding baseline security practices and cultural barriers. |
| Chapter 3 – Secure CI/CD | Level 2: Managed | Implementing automated security gates, integrating GitLab Registry scans. |
| Chapter 5 – Container & Cloud Security | Level 3: Defined | Defining policies for image provenance, runtime protection, and IaC compliance. |
| Chapter 7 – Governance & Continuous Improvement | Level 4: Optimized | Leveraging metrics, feedback loops, and the “DevSecOps Gospel” for continuous maturity growth. |
Note: We also introduce our proprietary concept, the “DevSecOps Gospel,” which aligns with DSOMM principles but adds a pragmatic, values‑driven layer to help teams internalize security as a shared responsibility.
Real‑World Scenario
A mid‑size SaaS company starts at DSOMM Level 1 (manual security checks). After completing the Secure CI/CD chapter, they automate container image scanning via the GitLab Registry, moving to Level 2. By the end of the course, they have a governance dashboard that tracks compliance metrics, positioning them at Level 3 and setting the stage for continuous optimization.
Common Questions & Quick Tips
| Question | Answer |
|---|---|
| How many hours are required to complete the CDP (Continuous Delivery Professional) course? | Exactly 36 hours, which also earns you 36 CPE points. |
| Can I access the course content after the scheduled date? | Yes. All recorded sessions and lab materials are available in the member portal for 90 days post‑completion. |
| What if I miss a live session? | Recordings are posted within 24 hours, and you can submit a make‑up assignment to retain CPE credit. |
| Do I need prior Docker experience? | Basic familiarity helps, but the Container Security chapter includes a refresher on Docker fundamentals. |
Wrap‑Up
By now you should have a clear picture of what the Practical DevSecOps Training offers:
-
A 36‑hour, CPE‑accredited learning path covering everything from GitLab Registry integration to the full DevSecOps Maturity Model (DSOMM).
-
A simple, self‑service scheduling process that puts you in control of your learning timeline.
-
Concrete, hands‑on labs that let you apply concepts like container image management and maturity assessment in real‑world scenarios.
Ready to secure your software delivery pipeline? Head over to the member portal, schedule your preferred course, and start building a resilient, compliant DevSecOps culture today. 🚀