This course will teach you how to secure your hosted AWS infrastructure. You will learn about securing your EC2 instances and how to create additional threat protection layers using managed AWS services to manage and secure your applications.
Securing AWS infrastructure is an ongoing task, with many moving parts.
In this course, Securing AWS Infrastructure, you’ll find the best methods of securing your hosted applications at AWS.
First, you'll learn the best subnet and IP address types to host your applications, and how to plan out VPC security using route tables, security groups, and Network ACLs.
Next, you’ll discover the roles that redundancy and availability play in application security, looking at load balancing and autoscaling and how they help your applications to remain available.
Finally, you’ll explore the intrusion detection and prevention available at AWS for all customers, specifically how to create threat protection layers with Web Application Firewall, AWS Shield, Shield Advanced, and the AWS Firewall manager. You’ll also see how to protect public-facing resources using CloudFront.
You'll also go through the use of GuardDuty and Amazon Inspector. This course’s content is a mix of lecture and hands-on demos.
When you’re finished with this course, you will understand how to properly secure your infrastructure components at AWS.
Mark is a former electronic design technologist turned Microsoft and IBM SoftLayer cloud geek. Mark has created many instructor led, e-learning, and self-paced courses over the last 15 years from Active Directory to Group Policy and enjoys training and sharing information to help people understand technology. He is also an avid musician and composer.
Course Overview If you're working in the AWS cloud, then you probably need to know about securing your infrastructure and networks that are hosted in the AWS cloud. My name is Mark Wilkins, and in this class, Securing AWS Infrastructure, we are looking at security from the standpoint of your infrastructure components, the network, and some of the global managed services. Starting with infrastructure threats against our EC2 instances and networks, we will take a detailed look at the best practices and procedures for securing these resources. Then we will look at DDoS attacks and how Amazon protects against them and how you can also protect them using Shield, Shield Advanced, and CloudFront. We will then take a look at a couple of interesting management services, specifically Amazon Inspector and GuardDuty. With Inspector, we can analyze our instances and the applications running on our instances and get feedback and detailed reports with graduated severity levels. With GuardDuty, we can have our DNS logs, flow logs, and CloudWatch logs analyzed. Both of these services take advantage of CloudWatch, allowing us to be alerted when there are issues and to automate our solutions, so join me in discovering how you can protect your resources at AWS and sleep at night knowing your hosted applications are well protected at AWS.