Advanced Policy as code Mastery
RCCE students will learn secure CI/CD pipelines, infrastructure as code security, container hardening, supply chain risk management, and automated security testing. RCCE students will learn to integrate security into every phase of the software development lifecycle, shift security left with automated tooling, protect build and deployment pipelines from supply chain attacks, and build security automation that scales with development velocity.

This advanced mastery course challenges experienced practitioners with complex scenarios, expert-level techniques, and nuanced decision-making. Building on core knowledge, RCCE students will learn to handle the most demanding situations in this domain, developing the expertise expected of senior security professionals. Students tackle multi-layered problems that require synthesizing knowledge across multiple disciplines.
- Security Engineers building defensive controls
- Security Analysts and Blue Team members
- Systems Administrators with security responsibilities
- GRC and Risk Professionals supporting controls
- Professionals implementing Advanced Policy as code Mastery
- Execute hands-on tasks for CI/CD pipeline security — covering gates at every pipeline stage, misconfigurations pre-deploy.
- Execute hands-on tasks for policy as code fundamentals — covering and version policies in code, Understand PaC paradigms and tooling.
- Execute hands-on tasks for container & supply chain — covering Harden container images with policy, SBOMs and provenance.
- Execute hands-on tasks for scaling security automation — covering Build reusable policy libraries, policy effectiveness at scale.
- Execute hands-on tasks for declarative rules — covering Human-readable definitions.
- Execute hands-on tasks for automated enforcement — covering No manual approval bottlenecks.
- Execute hands-on tasks for full Git history of changes — covering Intent-based, not imperative, Consistent across environments, Compliance evidence by default.
- Execute hands-on tasks for PaC vs traditional policy management
- Integrate privilege controls with identity providers and SIEM telemetry, including Kubernetes-native policies.
- Execute hands-on tasks for cloud-native services — covering OPA for K8s admission.
- Execute hands-on tasks for Open Policy Agent & Rego language
- Execute hands-on tasks for Rego syntax — covering Datalog-inspired declarative, Rules, packages, imports.
| Module | Topic |
|---|---|
| Module 01 | CI/CD Pipeline Security |
| Module 02 | Policy as Code Fundamentals |
| Module 03 | Container & Supply Chain |
| Module 04 | Scaling Security Automation |
| Module 05 | Declarative Rules |
| Module 06 | Automated Enforcement |
| Module 07 | Full Git history of changes |
| Module 08 | PaC vs Traditional Policy Management |
| Module 09 | First-class TF integration |
| Module 10 | Cloud-Native Services |
| Module 11 | Open Policy Agent & Rego Language |
| Module 12 | Rego Syntax |
| Module 13 | Decision Logging |
| Module 14 | Rego Policy Patterns |
All hands-on labs run on Rocheston Rose X OS. Students practice advanced policy as code mastery by implementing the controls discussed in class, with a focus on real-world deployment, monitoring, and validation.
- Lab 1: Execute hands-on tasks for CI/CD pipeline security
- Lab 2: Execute hands-on tasks for policy as code fundamentals
- Lab 3: Execute hands-on tasks for container & supply chain
- Lab 4: Execute hands-on tasks for scaling security automation
- Lab 5: Execute hands-on tasks for declarative rules
Upon successful completion of this course, students will receive an official RCCE Course Completion Certificate for Advanced Policy as code Mastery, verifiable through the Rocheston certification portal.
- Full access to all course materials and slide decks
- Hands-on lab access on Rocheston Rose X OS environment
- Access to Rocheston CyberNotes
- Access to Rocheston Zelfire — EDR/XDR SIEM platform
- Access to Rocheston Raven — online cyber range exercise platform
- Access to Rocheston Vulnerability Vines AI