Your CI/CD pipelines deploy code to production without security checks, exposing your infrastructure to known vulnerabilities? DevOps teams that neglect security in their pipelines create exploitable gaps with every deployment. Without systematic integration of security controls in the CI/CD flow, secrets are exposed in code, vulnerable dependencies go undetected, and non-compliant configurations reach production.
This official Microsoft AZ-2001 training teaches you in 1 day how to implement security directly into your Azure DevOps pipelines. You configure granular permission strategies, integrate automated vulnerability scans, manage secrets with Azure Key Vault, and set up security gates that block non-compliant deployments. Guided by MCT-certified trainers, you practice on Microsoft cloud labs with realistic DevSecOps scenarios. This training validates the corresponding Applied Skill. Sessions are available in person in Geneva and Lausanne or as virtual classroom.
Module 1: Configure a project and repository structure to support secure pipelines
Module 2: Configure secure access to pipeline resources
Module 3: Manage identity for projects, pipelines, and agents
Module 4: Configure and validate permissions
Module 5: Extend a pipeline to use multiple templates
Module 6: Configure secure access to Azure Repos from pipelines
Module 7: Configure pipelines to securely use variables and parameters
Pipeline security has become a critical priority for organizations deploying on Azure. Recent supply chain attacks have demonstrated that CI/CD pipelines are prime targets for attackers. Integrating security directly into the deployment flow, rather than treating it as a separate step, dramatically reduces the attack surface. The DevSecOps approach ensures that every code change goes through automated security checks before reaching production, without slowing down the delivery pace.
This intensive one-day training focuses on practical pipeline security implementation. You start by configuring permissions and roles in Azure DevOps to apply the least-privilege principle. You then integrate vulnerability scanning tools that automatically analyze code and dependencies at each pipeline execution. Secret management with Azure Key Vault eliminates hardcoded credentials in your configurations. Security gates add approval checkpoints that block deployments failing to meet your security criteria. Each concept is immediately put into practice on Microsoft cloud lab environments.
This training is designed for DevOps engineers, CI/CD engineers, and security-conscious developers who want to strengthen the security of their deployment pipelines. Cloud security architects exploring DevSecOps implementation will also find directly applicable content. Prerequisites include practical experience with Azure DevOps pipelines (creating and running pipelines), basic understanding of security concepts (authentication, authorization, secret management), and familiarity with YAML for pipeline configuration. The AZ-400 training provides an excellent foundation but is not mandatory.
This training validates a Microsoft Applied Skill, a targeted credential that demonstrates your ability to implement security in Azure DevOps pipelines. Unlike traditional certifications, the Applied Skill is validated through a hands-on assessment where you must complete security configuration tasks in a real environment. This training perfectly complements the AZ-400 (DevOps Engineer Expert) by deepening the security aspects only briefly covered in the broader program. For professionals already AZ-400 certified, the AZ-2001 adds concrete DevSecOps specialization to their profile.
ITTA delivers this training with MCT-certified trainers experienced in securing Azure DevOps environments for Swiss companies. Our sessions in Geneva and Lausanne are limited in size to allow personalized interaction with the trainer and in-depth security scenario work. The official Microsoft lab environments provide a complete infrastructure to practice permission configurations, vulnerability scans, and security gates without risk. Post-training technical support allows you to apply acquired practices in your professional environment with trainer assistance if needed.
Is this training only for Azure DevOps or does it also cover GitHub?
This training focuses specifically on Azure DevOps pipeline security. GitHub security features are covered in other training courses in the DevOps pathway.
Do I need to be a security specialist to take this training?
No, the training is designed for DevOps professionals who want to integrate security into their practices. A basic understanding of authentication and authorization concepts is sufficient.
What is the difference between a certification and an Applied Skill?
A traditional certification (like AZ-400) covers a broad domain and is validated by a theoretical exam. An Applied Skill validates a specific competency through a hands-on assessment in a real environment.
Does this training cover secret scanning in code?
Yes, the training covers integrating tools that detect exposed secrets in source code and pipeline configurations, as well as secret management with Azure Key Vault.
Can I take this training without AZ-400 experience?
Yes, provided you have practical experience with Azure DevOps pipelines. The AZ-400 provides a broader foundation but is not a mandatory prerequisite for this training.
Monday to Friday
8:30 AM to 6:00 PM
Tel. 058 307 73 00
ITTA
Route des jeunes 35
1227 Carouge, Suisse
Monday to Friday, from 8:30 am to 06:00 pm.
