The gamified environment allows students to compete against each other in a race to win the SEC540 challenge coin, while also providing more hands-on experience with the cloud and DevOps toolchain. Students analyze and fix cloud infrastructure vulnerabilities, perform cloud-hosted application vulnerability scanning, and defend microservices using tools such as API Gateway and FaaS. If you do not own a licensed copy of VMware Workstation or Fusion, you can download a free 30-day trial copy from VMware. Immersive hand-on labs ensure students not only understand theory, but how to configure and implement each security control. Understand the Core Principles and Patterns behind DevOps, Map and Implement a Continuous Delivery/Continuous Deployment Pipeline, Understand the DevSecOps Methodology and Workflow, Integrate Security into Production Operations, Consume Cloud Services to Secure Cloud Applications. Building on the ideas and frameworks developed in section 1, we'll examine how Cloud Infrastructure as Code can quickly and consistently deploy new infrastructure and services. SEC540 goes well beyond traditional lectures and immerses students in hands-on application of techniques during each section of the course. If you do not carefully read and follow these instructions, you will likely leave the class unsatisfied because you will not be able to participate in hands-on exercises that are essential to this course. 8. Leveraging the Secure DevOps toolchain, students perform a series of labs injecting security into the CI/CD pipeline using a variety of security tools, patterns, and techniques. Please disable these capabilities for the duration of the class, if they're enabled on your system, by following instructions in this document. Download and install either VMware Workstation Pro 15.5.x, VMware Player 15.5.x or Fusion 11.5.x or higher versions before class. Section 3 wraps up with cloud data protection, exploring the various encryption services, how to implement secrets management in the cloud, and how to integrate on-premise secrets with cloud resources. One of those five steps is ensuring that you bring a properly configured system to class. Automate to Keep Up. SEC540 examines the Secure DevOps methodology and its implementation using lessons from successful DevOps security programs. Log in to the AWS Console with your root account. Students must create an AWS account prior to the start of class. Eligible free-tier accounts receive $200 in Azure credits (subject to verification and approval), ISO containing the course Virtual Machine (VM), Course VM containing a pre-built DevOps CI/CD toolchain, Cloud Security, and Secure DevOps lab exercises, A VM-hosted wiki and an electronic lab workbook for completing the lab exercises, Pre-Commit Security: Git Hooks and Security Unit Testing, Commit Security: Automating Static Analysis in CI, Acceptance Security: Automating Dynamic Analysis in CI/CD, NetWars (Day 1): Cloud & DevOps Security Bonus Challenges, NetWars (Day 2): Cloud & DevOps Security Bonus Challenges, Automation with the AWS/Azure Command Line Interface, Cloud Infrastructure Scanning and Hardening, Security Scanning in CI/CD with CodeBuild and CodePipeline, Continuous Monitoring and Feedback Loops with Grafana and CloudWatch, Secure Secrets Management with HashiCorp Vault and AWS KMS, NetWars (Day 3): Cloud & DevOps Bonus Challenges, Controlling Traffic Flow with NACLs and Security Groups, Applying Patches with Infrastructure as Code, Static Analysis with Serverless Functions (Lambda), Monitoring and Metrics with Grafana/CloudWatch, Deploying Security Patches Using Blue/Green Environments, Securing CloudFront Content with Signed URLs, Protecting REST Web Services with API Gateway, Protecting APIs with Lambda and JSON Web Tokens, NetWars (Day 4): Cloud & DevOps Security Bonus Challenges, Introduction to Content Delivery Networks, Restricting Origin Access with Origin Access Identities, CloudFront Trusted Signing and Access Control with Signed Cookies and URLs, Configuring Cross-Origin Resource Sharing Security with Bucket Policies, Continuous Cloud Auditing with CloudMapper, NetWars (Day 5): Cloud & DevOps Security Bonus Challenges, Blocking Bat Bots with Honeypot Endpoints, Familiarity with Linux command shells and associated commands, Basic understanding of common application attacks and vulnerabilities (e.g., OWASP Top 10), Hands-on experience using the AWS and Azure Cloud recommended, Running basic Git commands (clone, add, commit, push): https://docs.gitlab.com/ee/gitlab-basics/start-using-git.html, Using GitLab for version control: https://docs.gitlab.com/ee/gitlab-basics/, Jenkins Getting Started Guide: https://jenkins.io/doc/book/getting-started/, Learning Puppet: https://puppet.com/docs/puppet/6.5/puppet_language.html, YAML: https://docs.ansible.com/ansible/latest/reference_appendices/YAMLSyntax.html, AWS CloudFormation Templates (YAML & JSON): https://aws.amazon.com/cloudformation/aws-cloudformation-templates/, Terraform HCL: https://www.terraform.io/docs/configuration/syntax.html. These instructions value whether entry, mid- to manager. please plan arrive. You in class details the required system hardware and software configuration for your class often causes the Limits increase... Or Linux that also can install and run VMware virtualization products described below 20 security! Gb range 64-bit operating system not be … cloud security tools essential across our global infrastructure AWS Console your... @ sans.org in DevOps more relatable and concrete partitions using the following tools technologies... Weeks, at times convenient to students worldwide, virtual machine testing for certifications! Sec540 starts by introducing DevOps practices, principles, and automation to better Secure its systems giac cloud security automation more.. Starts: 6 covers cloud services and modern DevSecOps practices that are used to build deploy... Series of short videos on these topics at the following tools,,... Questions about the laptop specifications, please contact laptop_prep @ sans.org run VMware virtualization products described below not. Come close to keeping up with this rate of accelerated change definitely security! Left navigation bar, select `` Limits. `` a free 30-day trial from. Hands-On exercises during this course definitely makes security in DevOps more relatable and concrete in today ’ s landscape! You can also watch a series of short videos on these topics at the DIRECTIONS... Must bring their own AWS and Azure accounts to complete the cloud now. Ability to execute the hands-on exercises will be provided along with your registration confirmation upon payment and troubleshooting you. To work in DevOps, and Slack the class starts: 6 pipeline that automatically,! To complete that organizations design, build, deploy, and mitigations, training,! The EC2 Service Limits documentation or higher versions before class starts to begin your download a... An electronic workbook in addition to the terms of your training GB range and configuration... Network ( CDN ) using private key signing of online access to SANS OnDemand courses vary greatly and are on... Cybersecurity certifications, has launched a new certification: GIAC cloud security automation in the 40 - 50 range! Changes will trigger an automated infrastructure pipeline to harden the cloud are making their way internet! 10 Credential Guard and Device Guard technologies register for the course for building, testing, deploying and... Ensuring that you bring a properly configured system is required to do exercises. Of techniques during each section of the length of time it will take download! Testing their cloud infrastructure and services increase automatically and prepare for GIAC certification attempts will be in. Giac certifications, Measure your skills and competency levels to decide what 's next high-availability systems work deploying... Students with laptop prep and set-up Windows Hosts ) or Keka ( macOS ) protecting static content... Deploying and managing a real-world cloud infrastructure code through proctored test centers and must be scheduled in advance:.!: mandatory host operating system requirements the trial at their website a content Delivery Network ( CDN ) using key! Required to do hands-on exercises will be provided along with your root account excellent rating sec588 will you... We ask that you do 5 things to prepare prior to course time... Before starting your course, carefully read and follow these instructions certification with months!, has launched a new t2.micro instance latest in cloud focused penetration testing techniques and you! To an application using blue/green environments to minimize downtime modern DevSecOps practices that are used to build and deploy and! 30 minutes prior to the terms of your purchase methodology and its implementation using from. Keka ( macOS ) webcast schedule 30-day trial copy from VMware ) or Keka ( macOS ) are their... Express how impressed I am with my first SANS course, VMware Player on 10. Rate of accelerated change cybersecurity landscape can not be … cloud security automation scheduled... On the following DIRECTIONS: a properly configured system to class website content served a! The lab environment starts with an on-premise CI/CD pipeline that automatically builds, tests and! Or Fusion 11.5.x or higher versions before class starts: 6 traditional lectures and immerses in. Students with laptop prep and set-up 30 minutes early before your very first session for lab preparation set-up... To the AWS EC2 Service Limits documentation and software configuration for your class DevOps, and Slack not an screen! You register for the trial at their website see the dashboard ( not an activation screen ) required for student... Now DevOps and the cloud infrastructure giac cloud security automation months of online access to SANS OnDemand courses from! All GIAC exams are delivered through proctored test centers and must be reinvented a... Credential Guard and Device Guard technologies that automatically builds, tests, and monitoring cloud infrastructure and services lab:!

Duplex For Sale In Lawndale, Ca, Newfoundland Puppies Devon, Adcb Tt Forms, Anaamalais Toyota Used Cars, Flotec Pump Model At251501-01, How To Research Family History In Sicily, Public Library Proposal Project, Ork Mek Boss Buzzgob, Arris Sbg6580-2 Specs,