LBRY Block Explorer • Claim • aws-re-invent-2023-security-updates-2

LBRY Claims • aws-re-invent-2023-security-updates-2

c3cd1f52368662c9fe2e205ebf21fb296a802f94

Published By

@cybr

Created On

7 Dec 2023 13:14:37 UTC

Transaction ID

d53ca98679423ae70037918da659127cbad210713b05d66a727b20423524fe04

Cost

Safe for Work

Free

Yes

AWS re:invent 2023 Security Updates (Part 3) #detective #awssecurity #cloudsecurity

#AWS #reinvent 2023 security updates that you should know about!

This is part 3 of 4
...
https://www.youtube.com/watch?v=GSP7WatiYGc

Author

Content Type

Unspecified

video/mp4

Language

English

Open in LBRY

More from the publisher

Controlling

VIDEO

USE T

use-terraform-you-need-this-for

lbry://@cybr/use-terraform-you-need-this-for

So you’re using Terraform to deploy infrastructure on the cloud, and it all works beautifully…you’re done, right? Well not quite! There’s one more very important step that you need to take to make sure that the infrastructure you’re about to deploy is following best practices and doesn’t have any major security issues. ? Chat with me Discord: https://cybr.com/discord Website: https://cybr.com LinkedIn: https://www.linkedin.com/in/christophelimpalair/ Twitter: https://twitter.com/christophelimp ? Links mentioned in the video: - Repo used in the video: https://github.com/christophelimpalair/terraform-iac-scan-example - Checkov: https://www.checkov.io/ - Terraform: https://www.terraform.io/ ? Courses - Introduction to AWS Security: https://cybr.com/courses/introduction-to-aws-security/ - Intro to AWS Pentesting: https://youtu.be/IbqjtqTeyr0 ? Disclaimer This video is strictly for educational purposes and to teach you how you can detect and mitigate threats from your or your employer's cloud enviroments. Learning about real threats, ethical hacking, and penetration testing is an important way of protecting ourselves against threat actors. ⏱ Timestamps: 00:00 - 00:16 - Intro 00:17 - 00:47 - What is Terraform? 00:48 - 01:20 - What you need 01:21 - 01:57 - About the demo and tools 01:58 - 02:15 - Install Checkov & Terraform 02:16 - 02:36 - Initializing Terraform 02:37 - 02:54 - Running Checkov 02:55 - 06:09 - Fixing the issues 06:10 - 08:15 - Custom Policies 08:16 - 09:31 - Restricting EC2 instance types 09:32 - 09:39 - Methods for running these checks 09:40 - 10:08 - Outro #awssecurity #cloudsecurity #sast #iac #checkov #infrastructureascode #terraform #policyascode #policy #cybersecurity #securityassessment #aws ... https://www.youtube.com/watch?v=o2NkK4w_ZbM

Transaction

Created

4 weeks ago

Content Type

Language

video/mp4

English

Controlling

VIDEO

INTRO

intro-to-iam-enumeration-(users,-groups,

lbry://@cybr/intro-to-iam-enumeration-(users,-groups,

Learn how to enumerate AWS IAM, including gathering useful information about users, groups, roles, and policies. This skill is critical to learn and develop because enumeration is your starting point when performing AWS cloud security assessments. If you don’t know how the AWS environment is set up and configured, then you can’t effectively find issues that need to be fixed. This is a free lab from Cybr that you can access with links below. ? Resources ? - Free Lab link: https://cybr.com/courses/introduction-to-aws-enumeration/lessons/lab-introduction-to-aws-iam-enumeration-2/ - Introduction to AWS Enumeration course: https://cybr.com/courses/introduction-to-aws-enumeration/ - AWS Security Cheat Sheet: https://cybr.com/tag/aws-security-cheat-sheets/ - Cloud security public repository: https://cloudsec.cybr.com/ - Cloud security community: https://cybr.com/discord ➡️ Get access to this lab with a free Cybr account: https://cybr.com #aws #awscloud #cloudsecurity ... https://www.youtube.com/watch?v=iF3her1Beuk

Transaction

Created

4 weeks ago

Content Type

Language

video/mp4

English

Controlling

VIDEO

WHAT

what-are-switches-for-layer-2-devices

lbry://@cybr/what-are-switches-for-layer-2-devices

In this preview video from Cybr's Networking Fundamentals course, we talk about what networking switches are, and what primary purpose they serve. If you'd like to build a networking foundation, check out our course: https://cybr.com/courses/networking-fundamentals ... https://www.youtube.com/watch?v=sIeVEYAU8KI

Transaction

Created

4 weeks ago

Content Type

Language

video/mp4

English

Controlling

VIDEO

IAM -

iam-aws-cloudtrail-course

lbry://@cybr/iam-aws-cloudtrail-course

If you’re not already familiar with it, AWS Identity and Access Management (or IAM for short), is the service that lets you control who can be authenticated and authorized to use your AWS resources, including CloudTrail resources. If you don’t get your IAM configurations right, then you will leave your CloudTrail deployments vulnerable. So we need to start there when it comes to securing CloudTrail. Because IAM is such a large and complex service, we’ll reserve explaining that in more detail for a different course, but for this lesson, let’s focus on what you need to know and do for CloudTrail specifically. #awssecurity #cloudtrail #aws #awstraining #cybersecurity ... https://www.youtube.com/watch?v=cIpnxNWZ9Hw

Transaction

Created

4 weeks ago

Content Type

Language

video/mp4

English

Controlling

VIDEO

HOW T

how-to-set-up-the-dvwa-on-kali-with

lbry://@cybr/how-to-set-up-the-dvwa-on-kali-with

For the written version of this tutorial and for commands you can copy/paste, visit this blog post: https://cybr.com/app-data-security/how-to-set-up-the-dvwa-on-kali-with-docker/ In this video, we set up the Damn Vulnerable Web Application (DVWA) on Kali Linux with Docker, so that we don't have to install additional software and we can easily spin up/down containers as they are needed. This is my preferred way of setting up web apps on my localhost, as it is a lot faster and cleaner. The DVWA is meant to help you learn new skills and practice using tools on a vulnerable web application in a safe and legal environment. Please do not upload this application on any publicly-facing servers since it is designed to be vulnerable and will be compromised. ... https://www.youtube.com/watch?v=ll4NDoO_GvA

Transaction

Created

4 weeks ago

Content Type

Language

video/mp4

English

Controlling

VIDEO

SQL I

sql-injections-the-full-course

lbry://@cybr/sql-injections-the-full-course

Welcome to this course on SQL injection attacks! In this course, we explore one of the biggest risks facing web applications today. We start out by creating a safe and legal environment for us to perform attacks in. Then, we cover the core concepts of SQL and injections. After that, we learn SQL injection techniques with the help of cheat sheets and references. At that point, we start to gather information about our target in order to find weaknesses and potential vulnerabilities. Once we've gathered enough information, we go full-on offensive and perform SQL injections both by hand and with automated tools. These attacks will extract data such as tokens, emails, hidden products, and password hashes which we then proceed to crack. After successfully attacking and compromising our targets, we take a step back and discuss defensive controls at the network, application, and database layers. We also look at actual vulnerable code and show ways of fixing that vulnerable code to prevent injections. Please note: Performing these attacks on environments you do not have explicit permissions for is illegal and will get you in trouble. That is not the purpose of this course. The purpose is to teach you how to secure your own applications. Join Cybr's Discord: https://discord.gg/F9EYe7V Cybr Courses: https://cybr.com/courses/ Pre-Requisites: To understand how SQL injections work and how to perform them as well as defend against them, you must have: - Experience working with web applications - Experience with SQL Suggestion: You may also wish to take our free Introduction to Application Security (AppSec) course (https://cybr.com/courses/introduction-to-application-security-appsec/) to familiarize yourself with the concepts of Application Security. Timestamps: About the course - 00:00 - 04:15 Setting up a safe & legal environment - 4:16 - 14:20 Getting started with OWASP ZAP - 14:21 - 18:41 SQL Concepts - 18:42 - 25:16 SQL Injections Explained - 25:17 - 35:27 SQL Injections Cheatsheets - 35:28 - 45:08 Information Gathering - 45:09 - 58:36 SQL Injections Hands-On - 58:37 - 01:14:41 SQL Injections with SQLMap - 01:14:42 - 01:23:29 Defenses at the Network Layer - 01:23:30 - 01:25:58 Defenses at the Application Layer - 01:25:59 - 01:37:49 Defenses at the Database Layer - 01:37:50 - 01:41:40 Ending Screen - 01:41:41 - 01:41:50 ... https://www.youtube.com/watch?v=fiq59DuhY68

Transaction

Created

4 weeks ago

Content Type

Language

video/mp4

English

Controlling

VIDEO

RE:IN

re-invent2023-important-security-updates

lbry://@cybr/re-invent2023-important-security-updates

Some of the #AWS #reinvent 2023 security updates that I'm most excited about and have been using nearly daily since they came out This is part 1 of 3 ... https://www.youtube.com/watch?v=POuETPclY4g

Transaction

Created

4 weeks ago

Content Type

Language

video/mp4

English

Controlling

VIDEO

SAST

sast-in-38-seconds

lbry://@cybr/sast-in-38-seconds

What is SAST, and why do you need to know about it if you're writing any type of code? Here's a quick and simple explanation. #SAST #applicationsecurity #cybersecurity #programming ... https://www.youtube.com/watch?v=EQF-0Mu2e0k

Transaction

Created

4 weeks ago

Content Type

Language

video/mp4

English

Controlling

VIDEO

AWS W

aws-waf-in-59-seconds

lbry://@cybr/aws-waf-in-59-seconds

What you need to know about the WAF WAF in 59 seconds. For a full detail of how to get started with it, check out my video: https://youtu.be/aDW2NDUBAOw For a full course on AWS security, check out my course: https://cybr.com/courses/introduction-to-aws-security/ #cloudsecurity #awssecurity #waf #webapplicationfirewall ... https://www.youtube.com/watch?v=pBXcYA8eSbU

Transaction

Created

4 weeks ago

Content Type

Language

video/mp4

English