Securing Cloud DevOps in PaaS, IaaS, and SaaS Settings

The usage of DevOps tools like Docker and Kubernetes has expanded. This course introduces you to securing cloud DevOps environments in PaaS, IaaS, and SaaS settings, DevOps practices, and activities across various types of cloud platforms.
Course info
Rating
(12)
Level
Intermediate
Updated
Oct 13, 2017
Duration
2h 16m
Table of contents
Description
Course info
Rating
(12)
Level
Intermediate
Updated
Oct 13, 2017
Duration
2h 16m
Description

The adoption and usage of DevOps tools such as Docker and Kubernetes has more than doubled. Find out why learning DevOps will be a requirement for every cyber security professional in order to compete in the cloud economy. In this course, Securing Cloud DevOps in PaaS, IaaS, and SaaS Settings, you'll learn how to apply operational security process automation in DevOps driven cloud environments such as AWS. First, you'll explore how to secure PaaS, SaaS, and IaaS DevOps environments. Next, you'll discover how to address OWASP security guidelines as part of the CI/CD pipeline. Finally, you'll delve into securing Infrastructure as Code (IaC), along with securing container management and orchestration activities. When you’re finished with this course, you’ll know how to function as a DevOps security practitioner, and be responsible for securing DevOps related processes, procedures, and technologies to ensure optimal and timely security throughout the ongoing DevOps lifecycle.

About the author
About the author

Chad has been in the Cyber Security industry for over 15 years. He's taught Microsoft Engineering courses as a Certified trainer. He's managed teams of security engineers and analysts for an Internet banking provider. He's been an information security consultant working for companies including SAP, Microsoft and Oracle.

More from the author
Section Introduction Transcripts
Section Introduction Transcripts

Course Overview
Hi everyone, my name's Chad Russell, and welcome to my course, Securing Cloud DevOps in PaaS, IaaS, and SaaS Settings. I'm a cloud security architect for webofsecurity. com, and I've worked for companies including Microsoft, Oracle, and SAP. The adoption and usage of DevOps tools, such as Docker and Kubernetes, has more than doubled. Find out why learning DevOps will be a requirement for every cyber security professional in order to compete in the cloud economy. In this course we're going to apply operational security process automation and DevOps-driven cloud environments such as Amazon Web Services. Some of the major topics that we'll cover include, securing PaaS, SaaS, and IaaS in DevOps environments, Addressing OWASP's security guidelines as part of the continuous integration and continuous development pipeline, and how to secure infrastructure as code. By the end of this course you'll know how to function as a DevOps security practitioner and be responsible for security DevOps-related processes, procedures, and technologies to ensure optimal and timeless security throughout the ongoing DevOps lifecycle. Before beginning the course you should be familiar with operating system and virtualization concepts. I hope you'll join me on this journey to learn DevOps security operations with the Securing Cloud DevOps in PaaS, IaaS, and SaaS course at Pluralsight.

Course Summary and Next Steps
So let's summarize this course. Before we reach the summary and recap of all the different topics, let's talk about our fictitious company Globomantics, and how they addressed their approach to DevOps security. So Globomantics ended up applying artifact inspection to review infrastructure as code. They are going to be utilizing their container inspection environment, they are going to use Amazon EC2 container services, and they will be using tools such as OpenVAS and Gauntlt to inspect their images. The first module we covered in this course was about DevOps, cloud, and its impact on traditional security architecture. Then we discussed how to secure PaaS, SaaS, and IaaS development environments. Next, you learned how to address OWASP 2017 security guidelines as part of the continuous integration and continuous development pipeline. We talked about how to secure infrastructure as code, we learned about securing container management and orchestration activities with technologies such as Kubernetes and Docker, and now we'll wrap up the course. So as you engage in the next steps on your DevOps journey, continue studying about container and DevOps technologies, and look for more courses available on these subjects here at Pluralsight.