Monitoring and auditing