Attacking & Securing CI/CD Pipeline Certification
(ASCPC) - On-Demand
The Attacking and Securing CI/CD course is an on-demand and self-paced program designed to equip participants with the knowledge and skills to identify vulnerabilities and implement security measures within Continuous Integration and Continuous Deployment (CI/CD) pipelines. This course combines theoretical knowledge with practical, hands-on labs that simulate real-world scenarios in a CI/CD environment.
This on-demand version allows you to learn at your own pace and revisit the labs and content as many times as needed.
Flexible Learning Format
- Self-Paced Learning: Take as long as you need to complete the course materials and labs. There are no deadlines.
- Hands-On Lab Experience: Complete hands-on labs in a dedicated and shared environment designed to simulate real-world attack paths.
- Self-Directed Support: Use the comprehensive documentation and recorded walkthroughs to guide yourself through any challenges.
What Is Included
When you enroll in the Attacking and securing CI/CD course On-Demand, you receive:
Pre-Recorded Instruction
Detailed Lab Walkthroughs
Dedicated and Shared Lab environment – Bash script to spin up labs
Lifetime Lab access
Course Materials
Student Requirements
To enroll in the Attacking and securing CI/CD On-Demand, students should meet the following requirements:
Familiarity with Scripting
Basic Knowledge of Python, Bash
Resources
2 Github accounts, AWS env, Azure env, docker on host machine.
Hardware Requirements
Admin access to your tool environment and cloud.
Prerequisite Knowledge
This is an intermediate to advanced course. A background in CI/CD processes, DevSecOps practices, and a basic understanding of cybersecurity principles is recommended. Familiarity with scripting and automation in CI/CD environments will be beneficial.
Willingness to Learn
A strong motivation to engage with self-directed, advanced-level materials and perform hands-on exercises.
These requirements ensure that students have the foundational knowledge and tools necessary to succeed in the ASCPC Certification Course.
Cost and Discounts
The Attacking & Securing CI/CD Pipeline Certification (ASCPC) – On-Demand is priced at $500. This fee includes access to expert-created instructional materials, self-managed labs that never expire, and one exam voucher.
Who Should Take the Attacking and securing CI/CD On-Demand?
This course is intended for DevSecOps professionals, penetration testers, Red Team professionals and security engineers looking to specialize in CI/CD pipeline security. Those with a solid understanding of CI/CD processes and basic cybersecurity principles will benefit most. Blue teamers and security analysts who want to understand the latest techniques used to attack and protect CI/CD environments will also find this course valuable.
This on-demand course is perfect for:
- Devops & DevSecOps Professionals – who’d like to better protect CI/CD pipelines
- Cybersecurity Professionals: Seeking flexible, hands-on learning.
- Students: In cybersecurity or cloud computing disciplines looking for practical, self-directed learning
- Red Team Operators: Aiming to advance their skills in CI/CD penetration testing with real-world labs.
- Enthusiasts: Interested in on-demand, hands-on training to deepen their CI/CD security knowledge.
Course Content Overview
The Attacking and Securing CI/CD course covers the following key areas:
- CI/CD Overview: Pipeline security, GitHub Actions and security
- Hijacking Techniques: content script injection, issues comment injection, self hosted runners
- Artifact Handling: leaking secrets via uploads and poisoning artifacts
- Abusing race condition
- Bypassing branch protections
- Abusing OIDC misconfigurations
- Dependabot Automerge vulns
- AWS Codebuild Abuse and Best Practices
- Github Actions Best Practices
- Azure Devops
Frequently Asked Questions (FAQs)
Accordion Content
The on-demand course is self-paced, allowing you to take as long as you need to complete the training. There are no deadlines, so you can learn at your own pace.
Participants should have a basic understanding of cloud technology and Azure fundamentals, familiarity with scripting languages such as PowerShell, Python, and Azure CLI, and access to an Azure Tenant with a P2 License and Subscription. A laptop with at least 8GB of RAM is also required.
Yes, participants must have an Azure Tenant with a P2 License and Subscription to deploy and manage their lab environments during the training.
Yes, all participants will receive comprehensive course materials, including code snippets, custom scripts, and a detailed lab manual to assist with the training exercises. Recorded video walkthroughs of each lab are also provided.
While prior experience with Azure is beneficial, it is not strictly required. A basic understanding of cloud concepts and familiarity with scripting languages is recommended to make the most out of the training.
This on-demand training is self-paced, so you’ll be guided by pre-recorded video lessons and detailed documentation. You can also revisit the materials anytime if you need additional clarification or practice.
Yes, you will have lifetime access to your labs. This means you can continue practicing and refining your skills without any time constraints.
Labs are accessed through your own Azure environment, and they never expire, allowing continuous learning and practice.
The certification exam is a hands-on, practical test where you will be required to demonstrate your skills in a real-world Azure environment. It covers topics such as Azure AD exploitation, cloud penetration techniques, post-exploitation tactics, and configuration assessments.
Yes, an exam voucher is included with your course registration, allowing you to schedule your certification exam at your convenience.
You can schedule your exam through the White Knight Labs portal using the exam voucher provided upon course registration.
The certification exam is conducted in a live Azure environment where you will perform various penetration testing tasks and submit a professional report based on your findings.
Accordion Content
You will have 48 hours to complete the hands-on lab portion of the exam, followed by another 48 hours to prepare and submit your professional report.
To pass the certification exam, you must successfully complete the practical lab tasks and submit a comprehensive report that demonstrates your understanding of the methodologies and findings.
Yes, if you do not pass the exam on your first attempt, you can retake it. Please contact our training team for details on retake policies and any associated fees.
We offer a 20% discount for veterans, active military personnel, students, educators, and first responders. To claim your discount, email training-team@whiteknightlabs.com with proof of eligibility, and we will provide you with a custom discount code.
Yes, group discounts are available for corporate teams. Please contact us at training-team@whiteknightlabs.com for more information on group rates and arrangements.
We recommend reviewing basic Azure and cloud security concepts, familiarizing yourself with PowerShell, Python, and Azure CLI, and reading any pre-course materials provided upon registration.
Participants need a laptop with at least 8GB of RAM, an Azure Tenant with a P2 License, and a subscription. Additionally, participants should have PowerShell, Python, and Azure CLI installed on their laptops.
Yes, upon successfully completing the course and passing the certification exam, you will receive a digital certification that verifies your skills and knowledge in offensive Azure operations and tactics.
No, the certification does not expire. However, we recommend staying updated with the latest Azure security practices and technologies to maintain your skills.
No, the exam voucher does not expire, allowing you to take the exam at your convenience whenever you feel ready.
No, the training does not expire. You will have lifetime access to the course materials, recordings, and labs, allowing you to revisit the content and continue learning at your own pace.
Yes, as the labs are run in your own Azure environment, you will incur standard Azure usage charges based on the resources you deploy and use during the training.
Register Now for the On-Demand Training
Start at your own pace and take as long as you need to complete the course and labs. Secure your seat now and receive additional details by email once you complete the registration.
