In this hands-on course, you’ll learn how to use Terraform to securely deploy resources on AWS using Infrastructure as Code (IaC). Guided by instructors with experience running Terraform in production, we’ll take you step-by-step from zero prior Terraform knowledge to confidently writing infrastructure as code and deploying production-ready AWS resources securely.
Learn what Amazon S3 is, how it works, and how to protect your data. This course will show you how to create and configure buckets, upload and access objects, avoid common security misconfigurations (some of which have resulted in massive breaches), and how to run regular automated scans with open source tools to discover issues. You’ll also learn to think like an attacker to find weaknesses that could potentially be exploited. The course was designed to provide a heavy dose of hands-on, practical learning with a mixture of taking action through the console, CLI, and roles.
Learn how to use IAM Roles like the pros. This course answers questions like:
Learn hands-on how to exploit AWS cloud misconfigurations and build practical skills with step-by-step walkthroughs, labs, and CTFs. CloudGoat enables you to deploy vulnerable-by-design AWS scenarios in your own environments, although we will be providing a couple of those scenarios as 1-click deploy 🧪 Cybr Hands-On Labs if you would rather not use your own environments. Not all of the scenarios will be available with our labs due to how vulnerable they are.
This course covers Microsoft Defender for Cloud, a cloud-native application protection platform (CNAPP) that provides security posture management and workload protection for Azure, AWS, GCP, and on-premises environments. You’ll learn to configure security policies, implement compliance frameworks like NIST 800-53, protect various workloads including VMs, containers, and storage accounts, and automate incident response using Logic Apps and workflow automation.
Learn the fundamentals of DevSecOps to understand what it means, why it matters, and how to implement it within your organization. With DevSecOps, one size doesn’t fit all, and it’s not just a matter of implementing a handful of tools or concepts. It’s about understanding what makes sense for your use case and requirements, and what approaches are most relevant. It’s also about understanding how to go from zero to the first few steps of implementation, and how to track progress along the way. Regardless of whether you’re starting from scratch with a brand new application, or whether you’re dealing with a mature product and organization, that’s what this course focuses on helping you achieve.
