Continuous Security on AWS (The DevSecOps on AWS Series) LiveLessons (Video Training)

Description

• Copyright 2021
• Edition: 1st

• Online Video
• ISBN-10: 0-13-687083-X
• ISBN-13: 978-0-13-687083-8

Almost 4 Hours of Video Instruction
 
Create a continuous security posture by defining all your AWS security and compliance as code, and run in a continuous delivery workflow with every change using services and tools such as AWS CloudFormation, AWS CodePipeline, and many others.

Overview
 
In this course, you will learn how to use AWS services, which provide the ability to create an end-to-end continuous security solution. These services include AWS CloudFormation, AWS CodePipeline, Amazon EventBridge, AWS Lambda, AWS Step Functions, AWS Organizations, AWS Security Hub, Amazon GuardDuty, AWS Config Rules, Amazon Inspector, AWS Secrets Manager, Amazon VPC, Amazon Macie, and AWS Audit Manager--among many others. You will learn how to use a combination of these services to apply key design principles for security and build continuous security solutions within your software systems. Throughout the course, you will see working examples of how to automate security using AWS services.

About the Instructor

Paul Duvall is a founder and former CTO of Stelligent--a Premier Consulting Partner with the DevOps and Security Competencies. He holds multiple AWS certifications including AWS Certified Security - Specialty. He has architected, implemented, and managed software and systems solutions for over 20 years. He is principal author of Continuous Integration: Improving Software Quality and Reducing Risk (Addison-Wesley, 2007), a 2008 Jolt Award winner.

He is also the author of many other publications, including the videos Continuous Compliance on AWS and Continuous Encryption on AWS, and Continuous Security on AWS, which are part of Addison-Wesley's DevSecOps on AWS Series. He hosted the “DevOps on AWS Radio” podcast for over three years.

He enjoys blogging and speaking on all topics related to DevSecOps, Serverless, and AWS. You can find his blog posts and other content at paulduvall.io.  
 
Skill Level

Intermediate to Advanced
 
Learn How To

• Apply key design principles for security
• Apply event-based design patterns for security
• Utilize AWS Developer Tools for DevSecOps
• Use AWS CodePipeline and AWS CloudFormation to model continuous security workflows
• Define your AWS Organizations as code using org-formation
• Automate detective controls using AWS CloudFormation, AWS Security Hub, AWS Config Rules, and Amazon Inspector
• Protect network and host-level boundaries with Amazon VPC
• Perform data classification using AWS CloudFormation and Amazon Macie
• Create an audit assessment using AWS CloudFormation and AWS Audit Manager
• Apply security as code for container-based workloads using AWS CodePipeline, AWS CodeBuild, and open source tooling

Who Should Take This Course

• Software developers and security and compliance professionals who want to integrate security into every facet of the software development and delivery process
• Professionals with a working knowledge of AWS and programming knowledge who want to make security ubiquitous across their systems

 
Course Requirements

• Working knowledge of AWS (e.g., 1-2+ years working with AWS)
• Practical experience with a high-level programming experience--such as Python, Java, Node.js, etc.--is helpful but not necessary

Lesson Descriptions  

In Lesson 1, Common Tools for Continuous Security, you will learn about cross-cutting tools that help automate security and compliance as code such as AWS CodePipeline, AWS CloudFormation, and AWS Lambda.

In Lesson 2, Identity and Access Management, you will learn about services that protect identities and access across AWS such as AWS IAM and AWS Organizations.

In Lesson 3, Detection and Incident Response, you will learn how to use security automation to detect and respond to security issues such as AWS Security Hub and AWS Config.

In Lesson 4, Infrastructure Protection, you will learn about services that protect your AWS infrastructure such as AWS WAF & Shield and Amazon VPC.

In Lesson 5, Data Protection, you will learn how to classify and protect data using services such as Amazon Macie and AWS KMS.

In Lesson 6, Compliance, you will learn about how to automate compliance using services such as AWS Audit Manager.

In Lesson 7, Deployment Architectures, you will learn about the different ways to apply Continuous Security to a container-based workload.
About Pearson Video Training
Pearson publishes expert-led video tutorials covering a wide selection of technology topics designed to teach you the skills you need to succeed. These professional and personal technology videos feature world-leading author instructors published by your trusted technology brands: Addison-Wesley, Cisco Press, Pearson IT Certification, Sams, and Que Topics include: IT Certification, Network Security, Cisco Technology, Programming, Web Development, Mobile Development, and more. Learn more about Pearson Video training at http://www.informit.com/video.

Video Lessons are available for download for offline viewing within the streaming format. Look for the green arrow in each lesson.



Sample Content

Table of Contents

Introduction
0.1 AWS Security Concepts
0.2 AWS Security Practices and Resources

Lesson 1: Common Tools for Continuous Security
Learning objectives
1.1 Amazon CloudWatch
1.2 AWS CodePipeline
1.3 AWS Cloud9
1.4 AWS CloudFormation
1.5 Amazon EventBridge
1.6 AWS Step Functions
1.7 AWS Systems Manager
1.8 AWS Lambda
1.9 Deployment Pipeline Architectures
1.10 Demo: Setup Dev Environment and CD Pipelines

Lesson 2: Identity and Access Management
Learning objectives
2.1 AWS IAM
2.2 AWS Single-Sign On
2.3 Amazon Cognito
2.4 AWS Directory Service
2.5 AWS Resource Access Manager
2.6 AWS Organizations
2.7 Deployment Pipeline Architectures
2.8 Demo: AWS Organizations

Lesson 3: Detection and Incident Response
Learning objectives
3.1 AWS Security Hub
3.2 Amazon GuardDuty
3.3 Amazon Inspector
3.4 AWS Config
3.5 AWS CloudTrail
3.6 AWS IoT Device Defender
3.7 Amazon Detective
3.8 CloudEndure Disaster Recovery
3.9 Services Pipelines: Shift Left
3.10 Deployment Pipeline Architectures
3.11 Demo: AWS Security Hub
    
Lesson 4: Infrastructure Protection
Learning objectives
4.1 AWS Shield
4.2 AWS Web Application Firewall
4.3 AWS Firewall Manager
4.4 Amazon VPC
4.5 Deployment Pipeline Architectures
4.6 Demo: Amazon VPC

Lesson 5: Data Protection
Learning Objectives
5.1 Amazon Macie
5.2 AWS Key Management Service (KMS)
5.3 AWS CloudHSM
5.4 AWS Certificate Manager (ACM)
5.5 AWS Secrets Manager
5.6 Deployment Pipeline Architectures
5.7 Demo: Amazon Macie

Lesson 6: Compliance
Learning Objectives
6.1 AWS Artifact
6.2 AWS Audit Manager
6.3 Deployment Pipeline Architectures
6.4 Demo: AWS Audit Manager

Lesson 7: Deployment Architectures
Learning Objectives
7.1 Deployment Architecture Considerations for Security
7.2 Demo: Container Security
    
Summary



Updates

Submit Errata

