Teaching DevOps Security Education with Hands-on Labware: Automated Detection of Security Weakness in Python

TL;DR

This paper presents a hands-on educational approach for DevOps security using modules that teach students to identify security weaknesses in Python code through taint tracking, enhancing engagement and practical skills.

Contribution

It introduces a comprehensive set of interactive learning modules with real-world examples for detecting security vulnerabilities in DevOps environments.

Findings

Increased student interest in cybersecurity topics.

Effective detection of security weaknesses in Python code.

Positive feedback from multiple course implementations.

Abstract

The field of DevOps security education necessitates innovative approaches to effectively address the ever-evolving challenges of cybersecurity. In adopting a student-centered ap-proach, there is the need for the design and development of a comprehensive set of hands-on learning modules. In this paper, we introduce hands-on learning modules that enable learners to be familiar with identifying known security weaknesses, based on taint tracking to accurately pinpoint vulnerable code. To cultivate an engaging and motivating learning environment, our hands-on approach includes a pre-lab, hands-on and post lab sections. They all provide introduction to specific DevOps topics and software security problems at hand, followed by practicing with real world code examples having security issues to detect them using tools. The initial evaluation results from a number of courses across multiple schools show that the hands-on modules are enhancing the interests among students on software security and cybersecurity, while preparing them to address DevOps security vulnerabilities.