Video description
Almost 4 Hours of Video InstructionCreate a continuous security posture by defining all your AWS security and compliance as code, and run in a continuous delivery workflow with every change using services and tools such as AWS CloudFormation, AWS CodePipeline, and many others.
Overview
In this course, you will learn how to use AWS services, which provide the ability to create an end-to-end continuous security solution. These services include AWS CloudFormation, AWS CodePipeline, Amazon EventBridge, AWS Lambda, AWS Step Functions, AWS Organizations, AWS Security Hub, Amazon GuardDuty, AWS Config Rules, Amazon Inspector, AWS Secrets Manager, Amazon VPC, Amazon Macie, and AWS Audit Manager--among many others. You will learn how to use a combination of these services to apply key design principles for security and build continuous security solutions within your software systems. Throughout the course, you will see working examples of how to automate security using AWS services.
About the Instructor
Paul Duvall is a founder and former CTO of Stelligent--a Premier Consulting Partner with the DevOps and Security Competencies. He holds multiple AWS certifications including AWS Certified Security - Specialty. He has architected, implemented, and managed software and systems solutions for over 20 years. He is principal author of Continuous Integration: Improving Software Quality and Reducing Risk (Addison-Wesley, 2007), a 2008 Jolt Award winner.
He is also the author of many other publications, including the videos Continuous Compliance on AWS and Continuous Encryption on AWS, and Continuous Security on AWS, which are part of Addison-Wesley's DevSecOps on AWS Series. He hosted the “DevOps on AWS Radio” podcast for over three years.
He enjoys blogging and speaking on all topics related to DevSecOps, Serverless, and AWS. You can find his blog posts and other content at paulduvall.io.
Skill Level
Intermediate to Advanced
Learn How To
- Apply key design principles for security
- Apply event-based design patterns for security
- Utilize AWS Developer Tools for DevSecOps
- Use AWS CodePipeline and AWS CloudFormation to model continuous security workflows
- Define your AWS Organizations as code using org-formation
- Automate detective controls using AWS CloudFormation, AWS Security Hub, AWS Config Rules, and Amazon Inspector
- Protect network and host-level boundaries with Amazon VPC
- Perform data classification using AWS CloudFormation and Amazon Macie
- Create an audit assessment using AWS CloudFormation and AWS Audit Manager
- Apply security as code for container-based workloads using AWS CodePipeline, AWS CodeBuild, and open source tooling
- Software developers and security and compliance professionals who want to integrate security into every facet of the software development and delivery process
- Professionals with a working knowledge of AWS and programming knowledge who want to make security ubiquitous across their systems
- Working knowledge of AWS (e.g., 1-2+ years working with AWS)
- Practical experience with a high-level programming experience--such as Python, Java, Node.js, etc.--is helpful but not necessary
Introduction
Lesson 1: Common Tools for Continuous Security
Lesson 2: Identity and Access Management
Lesson 3: Detection and Incident Response
Lesson 4: Infrastructure Protection
Lesson 5: Data Protection
Lesson 6: Compliance
Lesson 7: Deployment Architectures
Summary
Lesson Descriptions
In Lesson 1, Common Tools for Continuous Security, you will learn about cross-cutting tools that help automate security and compliance as code such as AWS CodePipeline, AWS CloudFormation, and AWS Lambda.
In Lesson 2, Identity and Access Management, you will learn about services that protect identities and access across AWS such as AWS IAM and AWS Organizations.
In Lesson 3, Detection and Incident Response, you will learn how to use security automation to detect and respond to security issues such as AWS Security Hub and AWS Config.
In Lesson 4, Infrastructure Protection, you will learn about services that protect your AWS infrastructure such as AWS WAF & Shield and Amazon VPC.
In Lesson 5, Data Protection, you will learn how to classify and protect data using services such as Amazon Macie and AWS KMS.
In Lesson 6, Compliance, you will learn about how to automate compliance using services such as AWS Audit Manager.
In Lesson 7, Deployment Architectures, you will learn about the different ways to apply Continuous Security to a container-based workload.
About Pearson Video Training
Pearson publishes expert-led video tutorials covering a wide selection of technology topics designed to teach you the skills you need to succeed. These professional and personal technology videos feature world-leading author instructors published by your trusted technology brands: Addison-Wesley, Cisco Press, Pearson IT Certification, Sams, and Que Topics include: IT Certification, Network Security, Cisco Technology, Programming, Web Development, Mobile Development, and more. Learn more about Pearson Video training at http://www.informit.com/video.
Table of contents
- Introduction
- Lesson 1: Common Tools for Continuous Security
- Lesson 2: Identity and Access Management
-
Lesson 3: Detection and Incident Response
- Learning objectives
- 3.1 AWS Security Hub
- 3.2 Amazon GuardDuty
- 3.3 Amazon Inspector
- 3.4 AWS Config
- 3.5 AWS CloudTrail
- 3.6 AWS IoT Device Defender
- 3.7 Amazon Detective
- 3.8 CloudEndure Disaster Recovery
- 3.9 Services Pipelines: Shift Left
- 3.10 Deployment Pipeline Architectures
- 3.11 Demo: AWS Security Hub
- Lesson 4: Infrastructure Protection
- Lesson 5: Data Protection
- Lesson 6: Compliance
- Lesson 7: Deployment Architectures
- Summary
Product information
- Title: Continuous Security on AWS (The DevSecOps on AWS Series)
- Author(s):
- Release date: March 2021
- Publisher(s): Pearson
- ISBN: 0136870856
You might also like
video
Continuous Encryption on AWS (The DevSecOps on AWS Series) LiveLessons (Video Training)
5+ Hours of Video Instruction Overview In this course, you learn how to use AWS services …
video
Continuous Compliance on AWS (The DevSecOps on AWS Series)
6+ Hours of Video Instruction Automatically adhere to best practices by learning to run compliance as …
video
Continuous Compliance, Encryption, and Security on AWS (The DevSecOps Series on AWS)
Overview is a series of video courses that will help you use AWS services to define …
video
AWS MasterClass: Storage & CDN - AWS S3 & AWS CloudFront
This comprehensive video course is designed to equip you with the knowledge and skills needed to …