DevSecOps: How to secure Web App with AWS WAF and CloudWatch
Web application cyber security practical guidance. AWS DevSecOps WAF masterclass. AWS DevOps security tips and tricks.
Development,Software Engineering,AWS
Lectures -46
Resources -17
Duration -3 hours
30-days Money-Back Guarantee
Get your team access to 10000+ top Tutorials Point courses anytime, anywhere.
Course Description
Short description:
The current course is about how to secure Web Applications against hacker attacks with AWS cloud solutions using application level, centralized log system and firewall protection. You will also learn a lot about how to provide effective cyber thread analysis during hacker's attack and after it.
COURSE STRUCTURE:
The course starts with creating a very small API application. For that purpose, I will use the Python programming language and Flask framework. If you are not aware of current technologies, don't worry, you should not. Believe me, the application would be extremely simple, so anyone, even a child, can understand how it works.
While creating according application I will concentrate on the next essential aspects:
Custom exceptions
Logging
I will explain why it is so essential to have those things at any application and how to make it properly in order it would be helpful from a security defense perspective.
The principles that I will show you are extremely simple and can be easily propagated at any existing web application. You will see the real power of properly done exceptions and logging with your own eyes when we make real hacker’s attacks simulations at our application after deploying it to the AWS cloud
Generally speaking, deploying - it is 2nd essential part of our learning. Together we will deploy our test API application at AWS using Terraform. And again, if you have never used current technology, don’t worry. I will show you step by step, how to run according to terraform scripts.
At 1st we will prepare the AWS network, after that we will deploy AWS ALB with WAF, and finally, at the last step, we will deploy our application at EC2 using an auto-scaling group. The current pattern of deployment can be easily used by you at production as it is rather cost-effective and almost an HA solution. However as with every solution it also has some limitations, which I will discover during Terraform lectures
In the deployment section I will speak a lot about different AWS Services, that would be used for creating security defense mechanisms
IAM policies and Security groups as restriction mechanisms to our resources
S3 a place for keeping our ALB and WAF logs
CloudWath a centralized log storage and alarm system
SNS - as a mechanism for sending alarm notifications during security attack detection
I will also touch a little bit on Route 53 and Certificate Manager services
The deployed Falsk application and all AWS infrastructure around it would be intensively used as a lab environment for imitating different hacker attacks and providing a cyber security learning process. That will allow you to perform real practice training and try different security tools and tricks with your own hands. That is why, as for me, it is so essential to have it to be done.
In the third section, we will speak about AWS WAF. We will discuss in detail:
What resources can we attach WAF at - ALB, API gateway, CloudFront
How properly to configure it
Why correct configuration of AWS WAF such a time-consuming process
How to set up AWS WAF-managed rules and custom blocking policies
How to analyze WAF and ALB logs using Athena
Why WAF is no silver bullet that can’t protect web apps against all possible threats
At the current section, I will also show you some examples of real attacks that were blocked by WAF taken from my commercial experience, in order you could feel how powerful WAF is as a security defense tool
In 4th section we will discuss deeply AWS CloudWatch service, especially:
how to use our application logs as a security detector
how to build custom CloudWatch filters
how to raise alerts in case a web application is under a hacker’s attack
how you can be aware of an attack even before WAF detects it, or when WAF cannot deal with the problem
In the 5th section, we will speak about cyber threat analysis using Atena and Excel after a hacker's attack. We will discuss how to gather all required data using Athena and how to verify if the hacker's actions had any success.
In last section we will make a short summary of all passed practice materials, by creating an effective security defense framework, that can be used at any cloud or even at on-premise solutions
Who this course is for:
Anyone who is interested at cyber security or who is responsible for Web resources:
Software engineer
DevOps
Admin
CTO
CEO
Goals
How exceptions and logging should be organized in web applications to become a security defensive tool
How to secure Web application at AWS Cloud
How to configure AWS WAF
How to use AWS WAF-managed rules
How to use AWS WAF custom black and white list
How to use AWS WAF custom rate rules
How to configure WAF alarms
How to use CloudWatch as a detector of abnormal hacker behavior
How to build custom CloudWatch filters and alerts on it
How to use Athena to analyze WAF and application logs
Cyber threat analysis basics using Athena and Excel
Prerequisites
Active AWS account
Some active web domain
Basic knowledge of using docker and web programming
Curriculum
Check out the detailed breakdown of what’s inside the course
Introduction
3 Lectures
- Promo introduction video 03:03 03:03
- About me and cyber security experience 00:32 00:32
- Coarse road map 03:55 03:55
Flask test API application
4 Lectures
Application deployment at AWS using Terraform
9 Lectures
AWS WAF - deep inside
20 Lectures
Application and CloudWatch as security monitoring tool
3 Lectures
Cyber threat analysis using Atena and Excel
4 Lectures
Security defense framework
2 Lectures
Additional Info
1 Lectures
Instructor Details
Sergii Demianchuk
My name is Sergii Demianchuk. I have over 18 year’s experience as a software engineer. At my work I am mostly using next technologies: PHP, Python, Java, Javascript, Symfony, Flask, Spring, Vue, Docker, AWS Cloud, ML, Ansible, Jenkins, MySQL, Redis, ElasticSeach. I started my IT carrier as Engineer at national telecommunication Ukrainian networks. Than I worked as web full stack developer and IT manager for 10 years. After relocation to Poland at 2012, I continued my carrier path at Clicktrans company which represents one of the biggest transport marketplaces in Europe. Currently I am taking the position of CTO&System Architect at Clicktrans. My work is concentrated around architecture for complex systems, using ML for solving transport problems, big data sets analysis, search & recommendations systems. I am also deeply involved at devops and security world. My favorite slogan: "There is nothing impossible. The main question is how to do complicated system in the most efficient way having right people on a board with keeping it safe and simple at support :)"
Course Certificate
Use your certificate to make a career change or to advance in your current career.
Our students work
with the Best
Related Video Courses
View MoreAnnual Membership
Become a valued member of Tutorials Point and enjoy unlimited access to our vast library of top-rated Video Courses
Subscribe nowOnline Certifications
Master prominent technologies at full length and become a valued certified professional.
Explore Now