SANS SEC540: Cloud Security and DevOps Automation

دانلود دوره آموزشی 2020 SANS SEC540

دوره SEC540: Cloud Security and DevOps Automation محصول شرکت SANS به بررسی روش ها و توسعه و ساخت و ارائه زیرساخت های امن و نرم افزاری با استفاده از DevOps و خدمات ابر را ویژه متخصصان امنیتی فراهم می کند. در دوره Sec540 به شما اصول، شیوه ها و نحوه استفاده از ابزار DevOps در خصوص یکپارچگی و امنیت برنامه های تحت وب و اتوماسیون امنیتی ابر، آموزش داده می شود.

لینک دانلود SANS SEC540: Cloud Security and DevOps Automation 2020

حجم : 2.2 گیگابايت

دانلود – PDF + Workbook
دانلود – Video – بخش اول
دانلود – Video – بخش دوم

رمز فايل:

SEC540 provides development, operations, and security professionals with a methodology to build and deliver secure infrastructure and software using DevOps and cloud services. Students will explore how the principles, practices, and tools of DevOps can improve the reliability, integrity, and security of on-premise and cloud-hosted applications.

Starting with on-premise deployments, the first two days of the course examine the Secure DevOps methodology and its implementation using lessons from successful DevOps security programs. Students will gain hands-on experience using popular open-source tools such as Puppet, Jenkins, GitLab, Vault, Grafana, and Docker to automate Configuration Management (“infrastructure as Code”), Continuous Integration (CI), Continuous Delivery (CD), containerization, micro-segmentation, automated compliance (“Compliance as Code”), and Continuous Monitoring. The lab environment starts with a CI/CD pipeline that automatically builds, tests, and deploys infrastructure and applications. Leveraging the Secure DevOps toolchain, students perform a series of labs injecting security into the CI/CD pipeline using a variety of security tools, patterns, and techniques.

After laying the DevSecOps foundation, the final three days move DevOps workloads to the cloud, build secure cloud infrastructure, and deliver secure software. SEC540 provides in-depth analysis of the Amazon Web Services (AWS) toolchain, while lightly covering comparable services in Microsoft Azure. Using the CI/CD toolchain, students build a cloud infrastructure that can host containerized applications and microservices. Hands-on exercises analyze and fix cloud infrastructure and application vulnerabilities using security services and tools such as API Gateway, Identity and Access Management (IAM), CloudFront Signing, Security Token Service (STS), Key Management Service (KMS), managed WAF services, serverless functions, CloudFormation, AWS Security Benchmark, and much more.

Course Syllabus

SEC540.1: Introduction to Secure DevOps
SEC540.2: Moving to Production
SEC540.3: Moving to the Cloud
SEC540.4: Cloud Application Security
SEC540.5: Cloud Security Automation

SEC540 Will Prepare You To:

Understand the core principles and patterns behind DevOps:
  • Recognize how work is done in DevOps and identify keys to success
Map and implement a Continuous Delivery/Continuous Deployment pipeline:
  • Utilize Continuous Integration, Continuous Delivery, and Continuous Deployment workflows, patterns, and tools
  • Identify the security risks and issues associated with DevOps and Continuous Delivery
Understand the DevSecOps methodology and toolchain:
  • Use DevOps practices to secure DevOps tools and workflows
  • Conduct effective risk assessments and threat modeling in a rapidly changing environment
  • Design and write automated security tests and checks in CI/CD
  • Understand the strengths and weaknesses of different automated testing approaches in Continuous Delivery
  • Implement self-serve security services for developers
  • Inventory and patch your software dependencies
  • Threat model and secure your build and deployment environment
Integrate security into production operations:
  • Automate configuration management using infrastructure as code
  • Secure container technologies (such as Docker)
  • Build continuous monitoring feedback loops from production to engineering
  • Securely manage secrets for continuous integration servers and applications
  • Automate compliance and security policy scanning
Move your DevOps workloads to the cloud:
  • Secure your Amazon Web Services account
  • Understand the cloud architecture components
  • Use Infrastructure as Code (specifically CloudFormation) to automate cloud infrastructure
  • Incorporate security scanning into CodePipeline using CodeBuild
  • Containerize applications with the EC2 Container Registry and EC2 Container Service
Consume cloud services to secure cloud applications:
  • Protect sensitive secrets with KMS and the SSM Parameter Store
  • Protect static content with CloudFront Signing
  • Secure REST APIs with API Gateway
  • Leverage serverless functions to authorize requests to the API Gateway
Automate cloud security and operations tasks:
  • Patch systems with blue/green deployments
  • Deploy the AWS WAF and write custom WAF rules
  • Detect and respond to security events using CloudWatch and serverless functions
  • Design
2 دیدگاه
  1. میرکتابی says

    تشکر لطفا بقیه دوره های sans قرار بدین

  2. Mahdi says

    لطفا دوره های 660 و 760 رو هم بی زحمت قرار دهید
    با سپاس از زحمات


آدرس ایمیل شما منتشر نخواهد شد.