Leveraging Google Cloud Armor, Security Scanner and the Data Loss Prevention API

This course focuses on the design and implementation of security scanning, protection against Distributed Denial of Service (DDoS) attacks and security auditing. The course also covers the use of the Data Loss Prevention API in protecting sensitive data.
Course info
Level
Intermediate
Updated
Jan 18, 2019
Duration
2h 12m
Table of contents
Course Overview
Using Cloud Armor to Protect Against DDoS Attacks
Using Cloud Security Scanner to Identify App Vulnerabilities
Using the Cloud Data Loss Prevention (DLP) API for Data Protection
Description
Course info
Level
Intermediate
Updated
Jan 18, 2019
Duration
2h 12m
Description

Recent years have witnessed a steady increase in the number of reported instances of data being compromised, stolen and even sold for ransom. In this course, Leveraging Google Cloud Armor, Security Scanner and the Data Loss Prevention API, you will gain the ability to mitigate threats of DDoS attacks using Cloud Armor, scan your App Engine and Compute Engine web apps using Security Scanner, enforce audit rules using Forseti and use the Data Loss Prevention API to control access to sensitive data. First, you will learn how to use Cloud Armor to mitigate the threat of DDoS attacks directed at your HTTP(S) load balanced applications. Cloud Armor will enforce these rules at the edge of the Google network and prevent unwanted requests from permeating into the interior of your VPC network. Next, you will discover how to use the Security Scanner to identify potential vulnerabilities in your App Engine and Compute Engine web apps. These currently include checks for cross-site scripting, flash injection, mixed content, clear-text passwords, invalid headers and the use of outdated libraries. This list of vulnerabilities is constantly being added to, which means that your Security Scanner reports will change and get richer and better over time. You will also use Forseti, a third-party tool that is used to conduct security audits of IAM policies and compare the actual and desired state of system resources. Finally, you will explore how to use the Data Loss Prevention API to control access to sensitive data. The DLP API has a long list of country-specific types of sensitive data type - US Social Security Numbers and the tax identifiers of several countries. The API has built-in detectors to return probabilities that a given data item matches a certain type of sensitive data. It is also possible to add custom detectors, and to use powerful techniques for redaction and de-identification of such data. When you’re finished with this course, you will have the skills and knowledge of various security auditing and protection services to protect against DDoS attacks, as well as identify vulnerabilities in your apps and project settings to help identify and protect sensitive data.

About the author
About the author

A problem solver at heart, Janani has a Masters degree from Stanford and worked for 7+ years at Google. She was one of the original engineers on Google Docs and holds 4 patents for its real-time collaborative editing framework.

More from the author
Using PyTorch in the Cloud: PyTorch Playbook
Intermediate
2h 21m
Apr 25, 2019
Building Clustering Models with scikit-learn
Intermediate
2h 33m
Apr 24, 2019
More courses by Janani Ravi