IntegraCI Certified Security & Compliance Specialist (ICSC)
Secure it and prove it: gates, policy as code, provenance, the audit trail and evidence, compliance policy bundles, governed AI, and isolation.
&k=training)
- Audience: application security, platform security, and compliance and audit practitioners who set the rules a release must clear and have to show the work later. You do not need to author golden paths or run the platform; you need to read, set, and prove controls.
- Outcomes — after this course you can:
- Explain how scanners run in your pipeline, how findings flow back, and how a build that breaks policy stops before it reaches deploy, closed by default.
- Read, version, and reason about an OPA policy gate, and set tier-aware thresholds so production demands more than staging.
- Explain signed provenance and gated promotion: how you prove an artifact came from the pipeline you expect, and why only signed, scanned builds promote.
- Use the tamper-evident SHA-256 audit trail and export evidence on demand for an examiner.
- Open a compliance policy bundle, read its framework mapping, and describe it accurately as a bundle that maps evidence, not a certification.
- Explain governed AI (human-in-the-loop approval, scoped credentials, per-tenant budgets) and database-enforced (RLS) tenant isolation.
- Time: about 6 to 8 hours of self-paced study plus the labs.
- Prereq: ICA recommended. The exam assumes you already know the four pillars, the SDLC, the connector model, and the control-plane idea.
&k=training)
&k=training)
&k=training)