Train your Security Champions in AWS security, DevSecOps, Kubernetes and more: https://www.appsecengineer.com/security-champions [Free ebook] Ultimate Guide to Building Security Champions: https://www.appsecengineer.com/e-books/the-ultimate-guide-to-building-security-champions Find us at: https://www.appsecengineer.com/ Twitter: https://twitter.com/AppSecEngineer LinkedIn: https://www.linkedin.com/company/appsecengineer #appsec #cybersecurity #softwaredevelopment #AppSecEngineer #devsecops #applicationsecurity #infosec #Security #securitytraining #training #handsonlearning #devsecops #Kubernetes #containers #threatmodelling #cloudsecurity #aws #azure #gcp #offensivesecurity #redteam #blueteam #purpleteam #cybersecurity #blackhat #infosectraining #skillgap #upskill #careers #techjobs #defcon #hackersummercamp #CybersecurityEducation #HandsOnLabs #Certifications #SkillsGap #securityengineer #developer #cloudengineer #secuirtyarchitect #securitychampion #devopsengineer #devops #pentester #TeamTraining #NeverStopLearning ... https://www.youtube.com/watch?v=em6DcuEsZWI

This August we will be at the BlackHat USA 2022 to conduct training on 'PURPLE-TEAM AWS: 2022 EDITION' KEY TAKEAWAYS: ? Each lab has an Attack-Detect-Defend structure, where the student gets a 360 degree perspective of cloud security on AWS. They learn the vulnerabilities and exploit possibilities. They learn the detection capabilities that they can deploy to identify these attacks. And in addition, they also explore defence, that will address the security shortcomings of each scenario in detail. ? Participants get exposure to multiple types of stacks deployed on Amazon Web Services (AWS). This is rooted in practicality as organizations are rapidly evolving their stack to suit cloud-native environments. This makes the class future-proof. WHO SHOULD TAKE THIS COURSE: ? Cloud Professionals - #awscommunity ? #Pentesters ? #CloudSecurity Practitioners ? Red-Teamers ? #DevOps professionals ? #DevSecOps Professionals ? Application Security Professionals Learn more & Register: https://www.blackhat.com/us-22/training/schedule/index.html#purple-team-aws--edition-257421645116056 ... https://www.youtube.com/watch?v=GtftL-p4xQA

In this video (Part 1 of 2), discover the Six Core Principles of Zero Trust Security that can redefine your security approach. Dive even deeper into the world of cybersecurity with our Zero Trust Security Handbook. It's your comprehensive guide to mastering the art of Zero Trust. ? Get the Handbook: https://www.appsecengineer.com/e-books/the-zero-trust-security-handbook #CorePrinciples #SecureYourNetwork #appsec #applicationsecurity #infosec #Security #securitytraining #training #handsonlearning ... https://www.youtube.com/watch?v=EZ-RVAnvex0

Last week, CircleCI reported a security incident and advised its users to rotate “any and all secrets” stored in CircleCI, including those stored in project environment variables or in contexts. For projects using API tokens, CircleCI said it has invalidated these tokens and users will be required to replace them. The company has also advised users to audit internal logs for unauthorized access occurring between December 21, 2022, and January 4, 2023. They further left an update on 6th January, asking customers to make sure they rotate keys at the source (the system to which they provide access) and then store the new secrets on CircleCI because just removing them from CircleCI is not enough. Watch Abhay Bhargav, explain how and why such security incidents occur and learn how to defend yourself from such attacks in the future. Chapters: 0:00- Intro 0:30- What is CircleCI and what happened? 2:12- Why do we store sensitive info in tools like CircleCI? 6:00- Why rotating and regenerating secrets are easier said than done? 10:00-List of possible proactive security measures from user end 15:28- Conclusion #circleci #databreach #cyberattack #cloudsecurity #secrets ... https://www.youtube.com/watch?v=9RTW2EE2Pgk