Courses Solutions Case Studies & Testimonials News & Insights About Us Contact Us
Public Sector Graduate Training Schemes Learning & Development Corporate & Volume Pricing Custom Learning Paths

Public Sector

We've had the pleasure of working with UK and overseas central and local government departments, including Healthcare (NHS and Foundation Trusts), Defence, Education (Universities and colleges), many of the main Civil Service departments, Emergency Services; also public-owned corporations including the BBC, Bank of England, Ordnance Survey, and regulatory bodies such as Ofgem.

We are registered on Crown Commercial Service’s (CCS) Dynamic Purchasing System (RM6219 Training and Learning) and also with numerous tender portals such as Ariba, Coupa and Delta E-Sourcing.

Read more...

Graduate Training Schemes

Framework Training has a strong track record of providing a solid introduction into the working world for technical graduates across myriad industries. We provide the opportunity to learn and gain valuable hands-on experience in a supportive, friendly and sociable training environment.

Attract & retain the brightest new starters

We know it is vital for our clients to invest in the future of their talented grads; not only to provide them with high-quality, professional training essential for their roles, but to embed them within the organisation’s culture and guide them on the right path to a successful career.

After all, your new hires could well be the next leaders and their creative ideas and unique insights are invaluable to your business.

Read more ...

Learning & Development

Our unique portfolio of high-quality technical courses and training programmes are industry-respected. They’re carefully designed so that delegates can seamlessly apply what they’ve learnt back in the workplace. Our team of domain experts, trainers, and support teams know our field — and all things tech — inside out, and we work hard to keep ourselves up to speed with the latest innovations. 

We’re proud to develop and deliver innovative learning solutions that actually work and make a tangible difference to your people and your business, driving through positive lasting change. Our training courses and programmes are human-centred. Everything we do is underpinned by our commitment to continuous improvement and learning and generally making things much better.

Read more...

Corporate & Volume Pricing

Whether you are looking to book multiple places on public scheduled courses (attended remotely or in our training centres in London) or planning private courses for a team within your organisation, we will be happy to discuss preferential pricing which maximise your staff education budget.

Enquire today about:

  • Training programme pricing models  

  • Multi-course voucher schemes

Read more...

Custom Learning Paths

We understand that your team training needs don't always fit into a "one size fits all" mould, and we're very happy to explore ways in which we can tailor a bespoke learning path to fit your learning needs.

Find out about how we can customise everything from short overviews, intensive workshops, and wider training programmes that give you coverage of the most relevant topics based on what your staff need to excel in their roles.

Read more...

DevSecOps Training Course

Build secure software faster: learn the principles and practices of DevSecOps

Book or reserve a space

About the course

Transform your software development lifecycle into a secure and efficient engine with our comprehensive DevSecOps training. This course goes beyond theory, providing you with a deep understanding of the core principles that underpin successful DevSecOps adoption. Discover the tangible benefits of integrating security seamlessly by "shifting left" - from accelerated delivery cycles to reduced risk.

You'll gain practical knowledge of key practices and the tools that empower automation, vulnerability management, and enhanced collaboration across development, security, and operations teams.

By the course's conclusion, you'll be equipped with the strategic insights and actionable skills to champion and implement DevSecOps within your organization, ultimately leading to the rapid and secure delivery of high-quality software.

This two-day training course will cover the fundamentals of DevSecOps, in a practical sense: the main focus will be on technologies and tools.

Online and in-house face-to-face options are available - as part of a wider customised training programme, or as a standalone workshop, on-site at your offices or at one of many flexible meeting spaces in the UK and around the World.

    • Set up a DevSecOps platform and CI/CD pipeline for a web application
    • Select the correct type of security test
    • Design a CI/CD pipeline that generates Docker images containing security testing tools
    • Scan for secrets in repositories
    • Design a plan to phase out known secrets in repositories
    • Scan source code for security vulnerabilities
    • Scan source code to check for outdated third party libraries
    • Scan a running web application for security vulnerabilities
    • Scan a Docker image for security vulnerabilities and misconfigurations
    • Triage vulnerabilities in applications
    • Perform a threat modeling excercise

  • This essential DevSecOps training is designed for professionals who play a role in the modern software development and delivery lifecycle and are looking to integrate security seamlessly. It will be highly valuable for:

    • Software Developers: Eager to understand how to build security into their code from the outset and collaborate effectively with security teams.

    • Security Engineers and Architects: Seeking to integrate security practices earlier in the SDLC and automate security controls within development pipelines.

    • DevOps Engineers: Responsible for streamlining and automating the software delivery process and looking to incorporate security considerations.

    • IT Managers and Leaders: Overseeing software development and delivery teams and aiming to improve security posture and efficiency.

    • QA Engineers and Testers: Interested in understanding and implementing security testing practices within the CI/CD pipeline.

    • System Administrators: Involved in deploying and managing applications and looking to understand the security implications of the development process.

    • Anyone involved in the SDLC: Including project managers, business analysts, and release engineers who want to understand and contribute to a more secure development process.

  • While this course provides a comprehensive introduction to DevSecOps principles and practices, a foundational understanding in the following areas will be beneficial:

    • Basic understanding of the Software Development Lifecycle (SDLC): Familiarity with the different stages of software development (e.g., planning, design, coding, testing, deployment).

    • Familiarity with basic security concepts: A general awareness of common security vulnerabilities and security practices.

    • Exposure to either development or operations practices: Understanding the fundamentals of software development or IT operations will be helpful for grasping the integration aspects of DevSecOps.

    No prior deep security expertise or specific tool knowledge is strictly required. The course will introduce the necessary concepts and tools in a practical manner.

  • This DevSecOps course is available for private / custom delivery for your team - as an in-house face-to-face workshop at your location of choice, or as online instructor-led training via MS Teams (or your own preferred platform).

    Get in touch to find out how we can deliver tailored training which focuses on your project requirements and learning goals.

  • The Fundamental Principles of DevSecOps

    • (Secure) Software Design Life Cycle - SSDLC / SDLC

    • Development and testing

    • Delivery

    • Deployment

    Types of Security Testing

    • Risk assessment

    • Dynamic testing

    • Container scanning

    • Vulnerability scanning

    Setting up a Local Lab Environment

    • Docker-compose

    • GitLab

    • SonarQube

    Creating a Security Testing Tool Chest

    • Common security testing tools

    • Choosing the right tool for your stack

    Scanning for Secrets in Source Code

    • When and why you need scanning in your SDLC

    • Git secret scanning

    • Secret scanning tools

    Static Application Security Testing (SAST)

    • Why Static Analysis is important

    • SAST tools

    • SAST reporting good practices

    Understanding Software Composition Analysis (SCA)

    • Should you blindly trust Open Source code? (you can probably guess the answer)

    • What is a Bill of Materials? (BOM)

    • Scanning for Outdated Third Party Libraries

    • Automated SCA tools

    Dynamic Application Security Testing (DAST)

    • What is "black-box" testing?

    • Input / output validation

    • Common Authentication issues

    • Dynamic security scanner

    • Fuzzers

    • Attack Proxies

    Container Image Scanning

    • What to look for:

      • Misconfigured containers

      • Obsolete libraries

      • Out-of-date OS patches

      • Compliance Validations

    Triaging Software Vulnerabilities

    • Confidentiality, Integrity, Availability (CIA)

    • Automated tools

    • Log analysis

    Threat Modeling basics

    • Analysing and understanding:

      • What is the system's purpose

      • Who would want to obstruct that purpose

      • What attack vectors are available

      • What mitigations can your team undertake

    Security maturity models

    • Benefits of a maturity model

    • OWASP DevSecOps Maturity Model (DSOMM)

    Industry security frameworks

    • Frameworks for you to consider

    • Implementing security frameworks in your workflow

    Migrating from DevOps to DevSecOps

    • Adopting the Security-First Mindset

    • Dealing with Silos

    • Security Champions

    • Regular and frequent research and education

    • Implement continuous improvement processes

    Applying DevSecOps in Practice

    • Exploring your next steps

Trusted by

BBC logo Crown Commercial Service Supplier (CCS) logo University of Oxford logo / crest

Public Courses Dates and Rates

December 8th, 2025 - £1495
March 16th, 2026 - £1495

All prices are excluding VAT.

If our published dates don't work for you, please get in touch — we are happy to explore scheduling additional courses.

Book or reserve a space

Secure or reserve a space on a public scheduled course date.

Related courses