How can cloud applications build security in? This question may seem almost as limitless as the cloud itself. To get some answers, we sat down with John Roberts, Senior Security Consultant and resident Amazon Web Services (AWS) expert, to discuss Synopsys’ newest training opportunity.
During our discussion, he puts the breadth of cloud security into perspective. He also highlights what an engaging, hands-on approach to a real-world cloud application life cycle looks like. Here are the Cloud Security: AWS DevOps Workshop details from the course developer himself.
John: Most software in use today leverages the cloud for development, hosting, or integration with third-party code. Containerization and DevOps both enable and embrace the cloud. As technology continues to evolve, the need for secure software development and delivery remain constant.
This cloud security training workshop embodies the de-siloed DevOps mindset. It exposes attendees to cross-discipline information and perspectives. As the first course in Synopsys’ Cloud Training Series, this full-day training teaches a technical audience of developers, operations team members, and InfoSec engineers about fundamental cloud security skills in a hands-on-keyboard workshop.
John: The first hour of the course introduces an example cloud application. Attendees explore common cloud threat agents and platform security controls to mitigate these threats. The workshop then moves through focused pointers and hands-on activities to put those pointers into practice. The most noteworthy aspect is that workshop attendees get to secure a cloud application using common cloud-native technology including Amazon Web Services (AWS), Docker, and Chef.
This hands-on course gives attendees a sense of the application as a whole, its constituent components, and how using platform security controls harden the application and its environment. In other words, workshop attendees build security into the lab environment and gain an understanding of how the lab exercises impact an application’s security posture.
John: This course assumes that attendees are comfortable using a Linux CLI environment. Attendees should also hold a conceptual familiarity with common AWS services (e.g., EC2, VPC, RDS, KMS, and IAM), Docker, Chef, or other infrastructure-as-code tools (e.g., Puppet, SaltStack, and Ansible). Additionally, each relevant technology is introduced during the course.