Sorry, not available in this language yet

English
日本語
简体中文

AI-generated code | Harness the power of AI coding assistants while managing the risks.
API Security Testing | Manage software risks with a holistic API security testing program.
AppSec Program Consolidation | Simplify your application security program.
Application Security Testing | Solutions to address security risks at all stages of the application life cycle.
DevSecOps | Solutions to help shift security left without slowing down your development teams.
Software Supply Chain Security | Solutions to identify and manage software supply chain risks end-to-end.
Manage Enterprise AppSec Risk | Scale your application security program without increasing complexity or adding friction.
Cloud & Container Security | Optimize your applications for secure deployment and operation in the cloud.
Open Source License Compliance | Effective solutions for ensuring open source license compliance.
M&A Due Diligence | Identify software risks that could negatively impact the value of acquired IP.
Quality and Security Standards Compliance | Ensure your software complies with the standards critical to customers and regulators.

Static Analysis (SAST) | Analyzing code for security vulnerabilities without executing it.
Software Composition Analysis (SCA) | Analyzing software components for security and license compliance.
Dynamic Analysis (DAST) | Testing running applications for security vulnerabilities.
Interactive Analysis (IAST) | Real-time security testing during application execution.
Penetration Testing | Simulated cyberattacks to identify vulnerabilities.
Mobile Application Security Testing (MAST) | Ensuring the security of mobile applications.
Application Security Posture Management (ASPM) | Managing and improving application security posture.
Fuzz Testing Solutions | Identifying vulnerabilities by inputting random data to applications.

Automotive | Security solutions for automotive industry applications.
Financial Services | Security solutions tailored for financial services.
IoT & Embedded | Security for Internet of Things and embedded systems.
Medical Devices | Security solutions for medical devices.
Public Sector | Security solutions for government and public sector organizations.

Dev and DevOps Teams | Security tools and practices for development and DevOps teams.
Security Teams | Solutions and support for dedicated security teams.
Legal Teams | Resources and compliance tools for legal teams.

Securing Amazon Web Services

Course Description

This course dives into the world of secure full-stack software development and deployment using Amazon Web Services (AWS). Learn to use AWS-specific tools and features to ensure your application's production data is adequately protected and monitored. By course end, you should understand how to set up a basic hardened AWS infrastructure capable of deploying a production web application.

Learning Objectives

Deploy web applications securely using AWS
Implement robust identity and access management controls
Utilize built-in AWS security features
Store and transmit data in AWS environments securely
Integrate security monitoring and alerting

Details

Delivery Format: eLearning

Duration: 1 Hour

Level: Intermediate

Intended Audience

Architects
Back-End Developers
Enterprise Developers
Front-End Developers

Prerequisites

Introduction to Cloud Security

Course Outline

Introduction to AWS Security

Introduction to Cloud Security
Shared Responsibility Model
AWS Architecture
Application Security
Compliance and Governance
AWS Security or Bust

Infrastructure Security

Virtual Private Cloud (VPC) Security
Network Routing
Security Groups
Firewalls and Access Control Lists
Comparison
Denial of Service Protection
Web Application Firewall
AWS Systems Manager
AWS Firewall Manager and Network Security Strategy

Identity and Access Management

Identity Access Management Overview
IAM in AWS
Temporary Tokens
Authentication for Your Apps
Permissions and Access Control
Storing and Accessing Credentials
Summary
Compromising a Password Manager's Password

Data Security

Data Handling Introduction
Encrypting EBS Volumes
S3 Data Protection
S3 Security Best Practices
AWS Key Management Service
Data Backups, Retention, and Disposal
2017: The Year of the Misconfigured S3 Bucket

Monitoring and Alerting

Introduction to Security Monitoring in the Cloud
Auditing and Logging
CloudTrail Security Monitoring in AWS
Creating Alerts Using CloudWatch
Extending Alerting Capabilities
AWS Config
GuardDuty Security Monitoring
Putting It All Together

Training

Developer Security Training

Equip development teams with the skills and education to write secure code and fix issues faster

Learn more about developer security training