AWS Security DevSecOps AWS Security Services 2022

Implement SAST, SCA & DAST in AWS DevSecOps Pipeline from scratch and Security Services as a Security Engineer in AWS
AWS Security DevSecOps AWS Security Services 2022
File Size :
1.40 GB
Total length :
3h 40m

Category

Instructor

A Security Guru

Language

Last update

Last updated 10/2022

Ratings

4.4/5

AWS Security DevSecOps AWS Security Services 2022

What you’ll learn

Learn DevSecOps implementation in AWS and various AWS Security Services
Learn to implement End to End DevSecOps Pipeline in AWS that include SAST, DAST & SCA
Learn AWS CodeBuild and integration with CodePipeline
Learn AWS CodeCommit and connect with Git Bash
Learn AWS IAM and assign inline policies to IAM roles
Learn AWS Security and implementation of AWS Security services
Learn to implement quality gates in AWS Code Pipeline using Sonar
Learn to integrate Sonar and Snyk in AWS Code Pipeline
Learn to create DevSecOps Engineer CV
Learn to run automated scan on entire AWS Infrastructure using AQUA
Learn to implement CSPM in AWS
Learn to implement End to End DevSecOps pipeline within AWS

AWS Security DevSecOps AWS Security Services 2022

Requirements

Basic computer knowledge
Basic Programming Knowledge

Description

Course Updates:v 5.0 – July 2022Updated course with videos on End To End AWS DevSecOps Pipeline for a Java Project in Section 4v 4.0 – June 2022Updated course with notes on Docker Commands in Section 6Updated course with notes on Kubernetes Commands in Section 6Updated course with GitHub Repo for Sample Dockerfile in Section 6Updated course with GitHub Repo for Sample Kubernetes Deployment file in Section 6Update course with WAF Regular Expression Pattern Set Video lectures in Section 5v 3.0 – May 2022Updated course with newer videos on OWASP ZAP integration in AWS DevSecOps Pipeline to perform DAST in Section 3Updated course with newer videos to store AWS Code Build Artifacts in S3 buckets and store DAST reports automatically in S3Added new questions to Quizzesv 2.0 – May 2022Updated course with newer videos on AWS Cloud Security Posture Management and automatic config issue discovery in AWSAdded SCA in DevSecOps PipelineAdded new questions to Quizzesv 1.0 – April 2022Updated course with newer videos on AWS Security ServicesAdded Quizzes to the course——————————————————————————————————————————–Who shall take this course?This AWS Security & AWS DevSecOps course is designed for Security Engineers, DevOps Engineers, SRE, QA Professionals and Freshers looking to find a job in the field of security. This is a focused AWS DevSecOps course with a special focus on integrating SAST/DAST/SCA tools in Build pipeline. This course also teaches to implement an End to End DevSecOps pipeline on AWS for a Java Project.Learn and implement security in DevOps pipeline, get Hands On experience in using Security tools & technologies. This course is for:DevelopersDevOpsSecurity EngineersAspiring professional in the Security domainQuality Assurance EngineersInfoSec/AppSec Professional DevSecOps being the hot skill, will help you to secure a high-salaried job and stay informed on the latest market trends. ——————————————————————————————————————————–Why purchase this course?This is only practical hands-on course available on the internet till now.DevSecOps enables rapid application development with agility, at the same time it secures your application with automated security checks integrated within the pipeline. It helps to increase productivity and security by integrating security stages in the pipeline.Also, we have included practical examples to implement security in the DevOps pipeline through various tools.By the end of the course, you will be able to successfully implement DevOps or DevSecOps pipeline and lead initiatives to create, build and maintain security pipelines in your project.No Action required before taking this course. For any question or concerns, Please post your comments on discussions tabDisclaimer: English subtitles are auto-generated so please ignore any grammar mistakes

Overview

Section 1: Introduction

Lecture 1 Introduction and Course Agenda

Lecture 2 Instructor Bio

Lecture 3 About the Course

Section 2: Deep Dive into DevSecOps

Lecture 4 Basic Security Terms – If new to security field

Lecture 5 What is DevSecOps?

Lecture 6 Tools used for DevSecOps Implementation in the market – Detailed discussion

Lecture 7 Tools used for DevSecOps in AWS

Section 3: Hands On – Integrating Security in AWS CI/CD Pipeline

Lecture 8 Create AWS Free Tier Account

Lecture 9 Install Git on Windows Machine

Lecture 10 Connect Git bash with AWS CodeCommit

Lecture 11 Push Vulnerable application code to AWS CodeCommit using Git Bash

Lecture 12 What is SonarCloud and its benefits?

Lecture 13 Add BuildSpec YAML file in the vulnerable application to integrate SonarCloud

Lecture 14 Create SonarCloud Project and update BuildSpec YAML file with SonarCloud values

Lecture 15 Create AWS Code Build project and run SAST analysis using SonarCloud

Lecture 16 Fix Code Coverage issues in SonarCloud for your Vulnerable application

Lecture 17 Move SonarCloud Security Token from Pipeline to AWS Secrets Manager

Lecture 18 Implement quality gates using Sonar

Lecture 19 Create AWS CodePipeline and automate the AWS CodeBuild project

Lecture 20 What is Snyk and its benefits?

Lecture 21 Integrate Snyk in AWS Code Pipeline

Lecture 22 What is OWASP ZAP and its benefits?

Lecture 23 Configure AWS Code Build to store security tools artifacts in S3 Buckets

Lecture 24 Integrate OWASP ZAP in AWS DevSecOps Pipeline using BuildSpec YAML

Lecture 25 Create VPC endpoint and update information in AWS CodeBuild

Section 4: Case Study: Implementing an End To End AWS DevSecOps Pipeline for a Java Project

Lecture 26 Case Study: Understanding Project Requirements before workflow implementation

Lecture 27 Hands On: Write code changes to integrate SAST, SCA & DAST in DevSecOps Pipeline

Lecture 28 Hands On: Execute End to End AWS DevSecOps Pipeline and review logs

Section 5: Report Security issues found during SAST, SCA & DAST scans in JIRA

Lecture 29 Hands On: Create JIRA account with Atlassian with custom JIRA site

Lecture 30 Hands On: Report SAST security issues in JIRA identified by SonarCloud

Lecture 31 Hands On: Report SCA security issues in JIRA identified by Snyk

Lecture 32 Hands On: Report DAST security issues in JIRA identified by OWASP ZAP

Section 6: Cloud Security Posture Management using AQUA

Lecture 33 What is CSPM?

Lecture 34 How AQUA implements CSPM?

Lecture 35 Register for trial account in AQUA

Lecture 36 Integrate AQUA with AWS Account

Lecture 37 Scan for AWS Configuration/Infra issues using AQUA

Section 7: Security Services in AWS

Lecture 38 AWS Security Hub Basics

Lecture 39 Hands On: AWS Security Hub implementation

Lecture 40 Amazon Guard duty basics

Lecture 41 Hands on: Amazon Guard duty implementation

Lecture 42 Hands on: Review Guard duty findings and additional features

Lecture 43 Hands on: Amazon Inspector basics and implementation

Lecture 44 Hands on: Amazon Detective basics and implementation

Lecture 45 Hands on: Amazon IAM access analyzer basics and implementation

Lecture 46 Hands on: Amazon Macie basics and implementation – Part 1

Lecture 47 Hands on: Amazon Macie basics and implementation – Part 2

Lecture 48 AQUA: Container security feature

Lecture 49 AWS Audit Manager Basics

Lecture 50 Hands On: AWS Audit Manager implementation

Lecture 51 Create assessment in AWS audit manager

Lecture 52 Hands On: Review results of all integrations performed with Security Hub

Lecture 53 Hands On: Implement WAF in AWS

Lecture 54 Hands On: Create Regular Expression Pattern Set in AWS WAF and assign it to ACL

Section 8: Docker and Kubernetes Commands for DevSecOps Interview

Lecture 55 Notes on Docker Commands

Lecture 56 Sample Dockerfile

Lecture 57 Notes on Kubernetes Commands

Lecture 58 Sample kubernetes Deployment file to deploy Docker container with load balancer

Section 9: Next Steps

Lecture 59 Application Security As a Career

Lecture 60 Sample DevSecOps Engineer CV

Lecture 61 Bonus Lecture

Cloud Security Engineers,DevSecOps Engineers,AWS Security Engineers

Course Information:

Udemy | English | 3h 40m | 1.40 GB
Created by: A Security Guru

You Can See More Courses in the IT & Software >> Greetings from CourseDown.com

New Courses

Scroll to Top