SKIP THE SHIPPING
Use code NOSHIP during checkout to save 40% on eligible eBooks, now through January 5. Shop now.
Video accessible from your Account page after purchase.
Register your product to gain access to bonus material or receive a coupon.
Almost 4 Hours of Video Instruction
Create a continuous security posture by defining all your AWS security and compliance as code, and run in a continuous delivery workflow with every change using services and tools such as AWS CloudFormation, AWS CodePipeline, and many others.
Overview
In this course, you will learn how to use AWS services, which provide the ability to create an end-to-end continuous security solution. These services include AWS CloudFormation, AWS CodePipeline, Amazon EventBridge, AWS Lambda, AWS Step Functions, AWS Organizations, AWS Security Hub, Amazon GuardDuty, AWS Config Rules, Amazon Inspector, AWS Secrets Manager, Amazon VPC, Amazon Macie, and AWS Audit Manager--among many others. You will learn how to use a combination of these services to apply key design principles for security and build continuous security solutions within your software systems. Throughout the course, you will see working examples of how to automate security using AWS services.
About the Instructor
Paul Duvall is a founder and former CTO of Stelligent--a Premier Consulting Partner with the DevOps and Security Competencies. He holds multiple AWS certifications including AWS Certified Security - Specialty. He has architected, implemented, and managed software and systems solutions for over 20 years. He is principal author of Continuous Integration: Improving Software Quality and Reducing Risk (Addison-Wesley, 2007), a 2008 Jolt Award winner.
He is also the author of many other publications, including the videos Continuous Compliance on AWS and Continuous Encryption on AWS, and Continuous Security on AWS, which are part of Addison-Wesley's DevSecOps on AWS Series. He hosted the “DevOps on AWS Radio” podcast for over three years.
He enjoys blogging and speaking on all topics related to DevSecOps, Serverless, and AWS. You can find his blog posts and other content at paulduvall.io.
Skill Level
Intermediate to Advanced
Learn How To
Introduction
0.1 AWS Security Concepts
0.2 AWS Security Practices and Resources
Lesson 1: Common Tools for Continuous Security
Learning objectives
1.1 Amazon CloudWatch
1.2 AWS CodePipeline
1.3 AWS Cloud9
1.4 AWS CloudFormation
1.5 Amazon EventBridge
1.6 AWS Step Functions
1.7 AWS Systems Manager
1.8 AWS Lambda
1.9 Deployment Pipeline Architectures
1.10 Demo: Setup Dev Environment and CD Pipelines
Lesson 2: Identity and Access Management
Learning objectives
2.1 AWS IAM
2.2 AWS Single-Sign On
2.3 Amazon Cognito
2.4 AWS Directory Service
2.5 AWS Resource Access Manager
2.6 AWS Organizations
2.7 Deployment Pipeline Architectures
2.8 Demo: AWS Organizations
Lesson 3: Detection and Incident Response
Learning objectives
3.1 AWS Security Hub
3.2 Amazon GuardDuty
3.3 Amazon Inspector
3.4 AWS Config
3.5 AWS CloudTrail
3.6 AWS IoT Device Defender
3.7 Amazon Detective
3.8 CloudEndure Disaster Recovery
3.9 Services Pipelines: Shift Left
3.10 Deployment Pipeline Architectures
3.11 Demo: AWS Security Hub
Lesson 4: Infrastructure Protection
Learning objectives
4.1 AWS Shield
4.2 AWS Web Application Firewall
4.3 AWS Firewall Manager
4.4 Amazon VPC
4.5 Deployment Pipeline Architectures
4.6 Demo: Amazon VPC
Lesson 5: Data Protection
Learning Objectives
5.1 Amazon Macie
5.2 AWS Key Management Service (KMS)
5.3 AWS CloudHSM
5.4 AWS Certificate Manager (ACM)
5.5 AWS Secrets Manager
5.6 Deployment Pipeline Architectures
5.7 Demo: Amazon Macie
Lesson 6: Compliance
Learning Objectives
6.1 AWS Artifact
6.2 AWS Audit Manager
6.3 Deployment Pipeline Architectures
6.4 Demo: AWS Audit Manager
Lesson 7: Deployment Architectures
Learning Objectives
7.1 Deployment Architecture Considerations for Security
7.2 Demo: Container Security
Summary