In this course, you will explore best practices and strategies around securing access to cloud services and infrastructure. You will also use tools and methods available with AWS to ensure that data stored in the cloud is protected. Finally, you will investigate security practices around monitoring and defending cloud-based applications and environments.
Overview
Syllabus
- Introduction to Designing for Security
- The who, what, when, and why of Designing for Security in the cloud.
- Securing Access to Cloud Services
- After this lesson, you will be able to secure access for both AWS users and applications, apply security best practices such as identity federation, and fine tune least privilege access permissions.
- Securing Access to Cloud Infrastructure
- After this lesson, you will be able to access cloud resources securely, protect against data exfiltration, ensure compliance, and configure VPC endpoints to keep traffic within your VPC.
- Protecting Data Stored in the Cloud
- Our goal is to minimize the risk of a malicious actor accessing our networks and servers, invoke the AWS API, and, ultimately, perform destructive or unauthorized actions in our environments.
- Defensive Security in the Cloud
- You will identify vulnerable misconfigurations, guard against malicious activity, and design a deployment pipeline that ensures that security practices are implemented early on.
- Project: Secure the Recipe Vault Web Application
- In this project, you'll put everything you learned in the course to secure a web application.
Taught by
Mehdi Razvi