How to Create a Central Logging Solution in AWS | AppSecEngineer Shorts
Watch Abhay Bhargav take you through what is a Central logging system, which 3 major features are required in a Central Log Management System and how do you create a Central Logging Solution in AWS.
This August we will be at the BlackHat USA 2022 to conduct training on 'PURPLE-TEAM AWS: 2022 EDITION'
KEY TAKEAWAYS:
? Each lab has an Attack-Detect-Defend structure, where the student gets a 360 degree perspective of cloud security on AWS. They learn the vulnerabilities and exploit possibilities. They learn the detection capabilities that they can deploy to identify these attacks. And in addition, they also explore defence, that will address the security shortcomings of each scenario in detail.
? Participants get exposure to multiple types of stacks deployed on Amazon Web Services (AWS). This is rooted in practicality as organizations are rapidly evolving their stack to suit cloud-native environments. This makes the class future-proof.
WHO SHOULD TAKE THIS COURSE:
? Cloud Professionals - #awscommunity
? #Pentesters
? #CloudSecurity Practitioners
? Red-Teamers
? #DevOps professionals
? #DevSecOps Professionals
? Application Security Professionals
Learn more & Register: https://www.blackhat.com/us-22/training/schedule/index.html#purple-team-aws--edition-257421645116056
...
https://www.youtube.com/watch?v=GtftL-p4xQA
Mastering AWS security is a breeze with @AppSecEngineer!
No stress, no hassle – just dive into the cloud sandbox for instant AWS accounts.
Say goodbye to lugging your own environment and hello to mastering secure app building!
Unlock the secrets of AWS Lambda Security with Abhay Bhargav in this video: https://youtu.be/-hfuDR8c1iI
#AWS #CloudSecurity #awssecurity
...
https://www.youtube.com/watch?v=5wykeGBd3Us
In this video (Part 1 of 2), discover the Six Core Principles of Zero Trust Security that can redefine your security approach.
Dive even deeper into the world of cybersecurity with our Zero Trust Security Handbook. It's your comprehensive guide to mastering the art of Zero Trust.
? Get the Handbook: https://www.appsecengineer.com/e-books/the-zero-trust-security-handbook
#CorePrinciples #SecureYourNetwork #appsec #applicationsecurity #infosec #Security #securitytraining #training #handsonlearning
...
https://www.youtube.com/watch?v=EZ-RVAnvex0
Last week, CircleCI reported a security incident and advised its users to rotate “any and all secrets” stored in CircleCI, including those stored in project environment variables or in contexts. For projects using API tokens, CircleCI said it has invalidated these tokens and users will be required to replace them. The company has also advised users to audit internal logs for unauthorized access occurring between December 21, 2022, and January 4, 2023.
They further left an update on 6th January, asking customers to make sure they rotate keys at the source (the system to which they provide access) and then store the new secrets on CircleCI because just removing them from CircleCI is not enough.
Watch Abhay Bhargav, explain how and why such security incidents occur and learn how to defend yourself from such attacks in the future.
Chapters:
0:00- Intro
0:30- What is CircleCI and what happened?
2:12- Why do we store sensitive info in tools like CircleCI?
6:00- Why rotating and regenerating secrets are easier said than done?
10:00-List of possible proactive security measures from user end
15:28- Conclusion
#circleci #databreach #cyberattack #cloudsecurity #secrets
...
https://www.youtube.com/watch?v=9RTW2EE2Pgk
Find us at: https://appsecengineer.com/
Follow us on Twitter: https://twitter.com/AppSecEngineer
AppSecEngineer is the thing you’ve been waiting for. The world’s most comprehensive, hands-on, easy to use resource to learn application security now fits on a single tab of your browser.
We have courses on Kubernetes security, Cloud security, DevSecOps, Container security, and much more. Our instructors have taught thousands of professionals across the world to be security-fluent, and have helped Fortune 500 companies push their teams to the cutting-edge of security.
Now, all that knowledge and expertise is can be a single subscription that costs less than a cup of coffee a day.
From intuitive hands-on labs that let you practice everything you learn, to some of the best application security content in the world, we’re here to make sure your career in security is all but guaranteed.
Click here to take our 14-day free trial (no credit card required): https://appsecengineer.com/pricing/
Welcome to AppSecEngineer!
...
https://www.youtube.com/watch?v=T0roj9Vm1Ig
AppSecEngineer is the only product security training your team will ever need.
Learn more: https://www.appsecengineer.com/
- Grow your team's skills fast
- Train them to solve real-world security problems
- Skills that give your company the advantage
- Users stay engaged with fun, hands-on exercises
We offer courses in Application Security, Cloud Security (AWS & Azure), Kubernetes Security, DevSecOps, Threat Modeling, and more.
Developers can learn secure coding with Playgrounds in their preferredlanguage (Java, Python, Angular, NodeJS, and GoLang).
With Challenges, more advanced users can test their skills by solving real-world problems and fixing critical security issues.
AppSecEngineer offers 50+ courses and 700+ hands-on labs for a subscription that costs WAY less than a single conference training.
Upskill your workforce, retain your talent, build secure software without missing a single deadline. Only with AppSecEngineer. Never stop learning!
...
https://www.youtube.com/watch?v=H1koGgrSgWU
Watch the full video here: https://youtu.be/cVVBwcJu4Po
Learn more: https://www.appsecengineer.com/
Get your team hands-on training in security: https://www.appsecengineer.com/main-menu-pages/teams
Check out our Secure Coding Collection: https://www.appsecengineer.com/secure-coding-collection
2023 has had some of the most devastating cyberattacks and data breaches ever recorded. Is this what the future of tech is going to look like?
Not if we can help it! In this video, Aneesh Bhargav goes over the 12 biggest cyberattacks in the last year: attacks that have targeted healthcare, finance, government organisations and more.
By examining the various exploits and techniques used by hackers, we can learn how to better defend ourselves against cybercrime and prevent millions of dollars in lost revenue and customer trust.
#cyberattack #cyberthreats #databreaches #appsec #applicationsecurity #infosec #Security #securitytraining #training #handsonlearning #devsecops #Kubernetes #containers #threatmodelling #cloudsecurity #aws #azure #gcp
...
https://www.youtube.com/watch?v=vAVYXHwpUCg