DevSecOps:如何使用 AWS WAF 和 CloudWatch 保护网络应用程序的安全
¥349.9
会员免费学习
单独购买
知识小课

DevSecOps:如何使用 AWS WAF 和 CloudWatch 保护网络应用程序的安全

  • DevOps

学习如何利用AWS WAF和CloudWatch强化网络应用程序的安全性

¥349.9
会员免费学习
单独购买
加入收藏
本课程包括
  • 3小时10分钟的视频随时观看
  • 可在APP随时观看
  • 结业证书
你将收获
  • 学员将掌握如何利用AWS WAF和CloudWatch来保护网络应用程序的安全
  • 了解如何配置和管理这些服务以应对常见的网络安全威胁
  • 提高对网络安全的认识和应对能力

数千家企业正在使用三节课企业版学习

无限制学习2000+门课程,200+精选学习专题

免费申请体验>
课程介绍

本课程旨在教授学员如何利用AWS WAF(Web应用程序防火墙)和CloudWatch来加强其网络应用程序的安全性。课程将深入探讨如何配置和管理AWS WAF规则以防御常见的网络攻击,如SQL注入、跨站脚本(XSS)等。同时,学员还将学习如何利用CloudWatch监控网络流量和日志,及时发现异常活动并采取相应措施。通过本课程的学习,学员将掌握保护网络应用程序安全的关键技能,提高应对网络安全挑战的能力。

适合人群
  • 软件开发人员
  • 安全工程师
  • 系统管理员
  • 网络工程师以及对网络安全感兴趣的任何人
讲师介绍
Sergii Demianchuk查看讲师主页
CTO/System Architect
擅长领域:
  • Java
  • DevOps
I have over 15 year’s experience as a software engineer. At my work I am mostly using next technologies: PHP, Python, Java, Javascript, Symfony, Flask, Spring, Vue, Docker, AWS Cloud, ML, Ansible, Jenkins, MySQL, Redis, ElasticSeach. I started my IT carrier as Engineer at national telecommunication Ukrainian networks. Then I worked as web full stack developer and IT manager for 10 years. After relocation to Poland at 2012, I continued my carrier path at Clicktrans company which represents one of the biggest transport marketplaces in Europe. Currently I am taking the position of CTO&System Architect at Clicktrans. My work is concentrated around architecture for complex systems, using ML for solving transport problems, big data sets analysis, search & recommendations systems. I am also deeply involved at devops and security world.
课程大纲
共0节 时长0分钟 全部收起
Section 1_ Introduction
共3节 | 8分钟
  • Lecture 1_ Promo introduction video
    3分钟
  • Lecture 2_ About me and cyber security experience
    1分钟
  • Lecture 3_ Coarse road map
    4分钟
Section 2_ Flask test API application
共4节 | 20分钟
  • Lecture 1_ Flask app - local environment
    4分钟
  • Lecture 2_ Flask app - code overview, how application works
    9分钟
  • Lecture 3_ Flask app - custom exceptions
    3分钟
  • Lecture 4_ Flask app - logging
    5分钟
Section 3_ Application deployment at AWS using Terraform
共8节 | 40分钟
  • Lecture 1_ Terraform installation with tfenv
    3分钟
  • Lecture 2_ AWS profile and terrafrom configuration
    3分钟
  • Lecture 3_ Running terraform scripts - essential introduction
    1分钟
  • Lecture 4_ Applying terraform - Part 1_ pre init and network terrafrom modules
    7分钟
  • Lecture 5_ Applying terraform - Part 2_ AWS ALB and AWS Certificate Manage
    9分钟
  • Lecture 6_ Build docker image and push it to the AWS ECR
    3分钟
  • Lecture 7_ Applying terraform - Part 3_ flask application at EC2 using auto scaling group
    7分钟
  • Lecture 8_ Applying terraform - Part 4_ add EC2 to AWS ALB as target group
    7分钟
Section 4_ AWS WAF - deep inside
共20节 | 1小时27分钟
  • Lecture 1_ What is WAF and how it works
    4分钟
  • Lecture 2_ AWS WAF managed rules as first step
    6分钟
  • Lecture 3_ AWS WAF managed rules and count mode
    5分钟
  • Lecture 4_ AWS WAF logs and test data set
    3分钟
  • Lecture 5_ Initial Athena-WAF configuration
    4分钟
  • Lecture 6_ Athena - running first query, WAF logs structure, Athena pricing
    3分钟
  • Lecture 7_ How to analyse WAF log’s data with Athena queries - part 1
    4分钟
  • Lecture 8_ How to analyse WAF log’s data with Athena queries - part 2
    7分钟
  • Lecture 9_ AWS WAF managed rules configuration methodology and rules versions
    5分钟
  • Lecture 10_ AWS WAF managed rules in action
    6分钟
  • Lecture 11-a_ AWS WAF - custom white and black lists - part 1
    3分钟
  • Lecture 11-b_ AWS WAF - custom white and black lists - part 2
    4分钟
  • Lecture 12_ AWS WAF and custom regex pattern set
    2分钟
  • Lecture 13_ AWS WAF rate rules introduction
    3分钟
  • Lecture 14_ How to calculate rate thresholds for application using Athena and ALB logs
    6分钟
  • Lecture 15-a_ AWS WAF rate rules in practice - part 1
    5分钟
  • Lecture 15-b_ AWS WAF rate rules in practice - part 2
    6分钟
  • Lecture 16_ AWS WAF metrics and alarms
    5分钟
  • Lecture 17_ AWS WAF priority
    2分钟
  • Lecture 18_ Why AWS WAF is not a silver bullet
    4分钟
Section 5_ Application and CloudWatch as security monitoring tool
共3节 | 14分钟
  • Lecture 1_ How to use CloudWatch logs
    4分钟
  • Lecture 2_ Understanding Application logs with CloudWatch Logs Insights and Dashboards
    4分钟
  • Lecture 3_ Custom CloudWatch metrics and alerts as sensitive detector of abnormal behavior
    6分钟
Section 6_ Cyber threat analysis using Atena and Excel
共4节 | 18分钟
  • Lecture 1-a_ Cyber threat analysis workflow - part 1
    4分钟
  • Lecture 1-b_ Cyber threat analysis workflow - part 2
    4分钟
  • Lecture 2-a_ Analyse data at Excel - part 1
    5分钟
  • Lecture 2-b_ Analyse data at Excel - part 2
    5分钟
Section 7_ Security defense framework
共1节 | 3分钟
  • Lecture 1_ Security defense framework
    3分钟
课程已被收录精选专题
购课须知

课程有效期:

自购买课程之日起 365 天,部分参与营销活动产品以活动规则为准,请同学在有效期内学习、观看课程。

上课模式:

课程采取录播模式,请注意自学课无班级微信群、班主任带班及助教批改服务。

注:自学课不支持退款,确保你是真的需要再进行报名,报完名之后还请认真学习。

联系客服
扫码添加三节课客服运营
工作时间:9:00-18:00