DevSecOps on Azure AZ-2001 Training Course: Integrated Security in CI/CD & DevOps Pipelines

Reference: 2b-az2001

770 € excl. VAT

1 Day

7 h

18 Jan. 2027

Remote

1 Feb. 2027

Remote

1 Mar. 2027

Remote

12 Apr. 2027

Remote

3 May 2027

Remote

28 Jun. 2027

Remote

Each session will take place even if only one person is registered (except in cases of force majeure).

Description of the DevSecOps on Azure AZ-2001 Training Course: Integrated Security in CI/CD & DevOps Pipelines

This DevSecOps on Azure training course – Integrated Security in CI/CD & DevOps Pipelines – teaches you how to implement automated security controls directly in your integration and deployment processes. You will learn how to shift security left in your pipelines, manage secrets, scan vulnerabilities and enforce compliance policies using Azure DevOps and GitHub Advanced Security tools.

Also discover our Kubernetes Training Course – From Code to Cluster in Complete Autonomy, our Spring Microservices and Kubernetes Training Course, our Docker to Kubernetes Training Course, our Docker Training Course, our Advanced Kubernetes and CI/CD Training Course and our Kubernetes Training Course.

Format

Remote (recorded sessions).

GOOD TO KNOW

This training course includes numerous exercises (60% practical) for better learning. Sessions are guaranteed from 1 registered participant (except in cases of force majeure).

This training course is part of our DevOps Training Courses. Discover our complete DevOps offer to go further in automation, CI/CD and infrastructure industrialisation.

Objectives of this DevSecOps on Azure AZ-2001 Training Course

By the end of this training course, each participant will be able to:

Understand the fundamentals of DevSecOps and the benefits of integrating security directly into DevOps pipelines.
Design and configure secure CI/CD pipelines using Azure DevOps and GitHub Actions.
Implement code scanning (SAST), secret management, and dependency analysis in your workflows.
Apply OWASP best practices and container security in a cloud environment.
Monitor and respond to security alerts using Azure Security Center and GitHub Advanced Security.

Prerequisites

Knowledge of Azure DevOps or GitHub Actions (CI/CD pipeline basics). Proficiency in Git and understanding of DevOps workflows. Basic knowledge of application security and automated testing practices.

TARGET AUDIENCE

Developers, DevOps engineers, cloud/IT engineers and security professionals wishing to integrate security into their pipelines. System administrators, cloud architects and quality/production managers. Any technical professional seeking to understand and implement DevSecOps practices.

Programme of this DevSecOps on Azure AZ-2001 Training Course

Introduction to Terraform and IaC

Principes d’Infrastructure as Code, avantages, architecture de Terraform, providers, ressources et blocs HCL.

Writing and executing Terraform code

Creation of.tf files, init, plan, apply, controlled deletion, resource lifecycle management.

Advanced structuring

Variables, outputs,.tfvars files, custom modules, code factorisation, dynamic resource creation.

State, backends, and workspaces

State, backends, and workspaces.

Safety and best practices

Securing secrets, integration with Vault, versioning management, team conventions, linters, and validation.S3, Azure Blob, etc.), locking, organisation by environment.

Multi-cloud case study

Deployment of resources on AWS or Azure, reusable modules, environment logic (dev/stage/prod).

The advantages of this training course

This training course :

Provides a rigorous and professional approach to Terraform
Prepares you for secure production deployment with CI/CD and remote backendsmphasises code structuring and team collaboration
Includes concrete multi-cloud case studies that can be adapted to any real-world project

FAQ – DevSecOps on Azure (AZ-2001) Training

What is DevSecOps?

DevSecOps integrates security into every stage of the DevOps lifecycle — design, code, build, test, release, deploy, operate — through automation, shared responsibility, and continuous feedback. It replaces late-stage manual security reviews with automated SAST, DAST, SCA, secrets scanning, and IaC checks running in CI/CD pipelines. MFE-IT trains DevOps and security teams on implementing DevSecOps on Azure through the AZ-2001 curriculum.

What is AZ-2001?

AZ-2001 is Microsoft’s official training reference for DevSecOps on Azure, covering security in Azure DevOps and GitHub, secret management with Azure Key Vault, vulnerability scanning, container security, infrastructure compliance with Microsoft Defender for Cloud, and security policies in CI/CD. The MFE-IT DevSecOps on Azure AZ-2001 training delivers this full curriculum with hands-on labs.

How do you secure CI/CD pipelines?

Securing CI/CD pipelines means least-privilege service connections, signed commits and artifacts, secrets in vaults (never in code), SAST/DAST/SCA gates, container image scanning, branch protection rules, and approval flows for production. Audit logs and alerting are essential. Through MFE-IT’s hands-on approach, learners implement these controls on a real Azure DevOps pipeline during the training.

What tools are used for DevSecOps on Azure?

Common DevSecOps tools on Azure include Microsoft Defender for Cloud, Microsoft Defender for DevOps, GitHub Advanced Security, Azure Key Vault, Azure Policy, OWASP ZAP, SonarQube, Trivy, Snyk, and HashiCorp Vault. Our MFE-IT training course on DevSecOps on Azure AZ-2001 covers when and how to combine these tools without slowing down delivery.

Would you like to know about upcoming sessions?

Would you like to schedule this DevSecOps on Azure AZ-2001 Training Course on a specific date? Contact us to discuss your availability and arrange personalised training.