The field of DevOps security education necessitates innovative approaches to effectively address the ever-evolving challenges of cybersecurity. In adopting a student-centered ap-proach, there is the need for the design and development of a comprehensive set of hands-on learning modules. In this paper, we introduce hands-on learning modules that enable learners to be familiar with identifying known security weaknesses, based on taint tracking to accurately pinpoint vulnerable code. To cultivate an engaging and motivating learning environment, our hands-on approach includes a pre-lab, hands-on and post lab sections. They all provide introduction to specific DevOps topics and software security problems at hand, followed by practicing with real world code examples having security issues to detect them using tools. The initial evaluation results from a number of courses across multiple schools show that the hands-on modules are enhancing the interests among students on software security and cybersecurity, while preparing them to address DevOps security vulnerabilities.

翻译：DevOps安全教学领域需要创新方法以有效应对网络安全领域不断演变的挑战。采用以学生为中心的教学方法时，需要设计开发一套综合性的实践学习模块。本文介绍了一套实践学习模块，使学习者能够基于污点追踪技术准确识别已知安全弱点并定位脆弱代码。为营造富有吸引力和激励性的学习环境，我们的实践方案包含实验前导、动手实验和实验后三个部分。所有模块首先介绍特定DevOps主题及涉及的软件安全问题，随后引导学习者通过真实代码案例（包含安全问题）运用工具进行检测。来自多所院校多门课程的初步评估结果表明，这些实践模块在提升学生对软件安全和网络安全兴趣的同时，也为他们应对DevOps安全漏洞做好了准备。