Last modified on 2020-02-09 (release notes)
1:13:20 Cloud Security Basics
The most important aspect of public cloud security is the split responsibility model: the cloud provider is responsible for infrastructure security, but you're still responsible for securing your deployment.
This section describes the basics of public cloud security, how you could evaluate the security posture of your public cloud provider, and concludes with an overview of what you could do to secure your public cloud environment.
|Cloud Security 101||16:01||2019-06-07|
|Cloud Provider Evaluation||27:18||2019-06-07|
|Protecting Your Cloud Environment||7:56||2019-06-07|
1:38:49 Identity and Access Management
In this section you'll learn how to set up your public cloud platform accounts and how to protect them. In addition, Cloud IAM solutions offer the possibility to use the platform accounts for your application stack as well - and we will explore security challenges and opportunities of this approach.
|Definitions and Terms||12:04||2019-12-12|
|Identity and Access Management||34:42||2019-12-12|
|Deep Down the IAM Rabbit Holes||24:44||2019-12-12|
|Protecting API Keys||9:49||2019-12-12|
1:19:40 Logging and Monitoring
Cloud environments offer new logging mechanisms which differ from traditional technologies. We will explore how you could use cloud storage to save the logs, and analyze them using additional cloud services, or how you could send the cloud events to external services for further analysis.
|Definitions and Terms||6:32||2020-01-15|
|Logging of Cloud Events||17:03||2020-01-15|
|Cloud-based Log Storage and Analysis||20:45||2020-01-15|
|Demos and Conclusions||31:27||2020-01-15|
1:37:11 Automation and Testing
One of the biggest advantage of public cloud environments is their capability to modify any object via an API call or use infrastructure-as-code templates to deploy, modify or destroy whole application stacks, as well as monitor the compliance of actual deployment with desired state specified in the template.
This section describes how you can leverage this capability to increase the security of your deployments, and how the modern IaC and CI/CD methodologies affects traditional security testing approaches.
|Terms and Motivation||19:24||2020-01-24|
|Automation Security Benefits||22:53||2020-01-24|
|Tools and Lab||34:40||2020-01-24|
|Testing and Verification||13:35||2020-01-24|
|Automation and Testing Demos||7.3K||2020-01-24|