Serverless Security on AWS

1-day workshop that covers everything you need to consider when it comes to securing your serverless application.

Curriculum

• Lambda function security
  • IAM best practices
  • Secret management
  • Function configuration best practices
  • Ingress and egress validation
  • Monitoring/logging
• CI pipeline security
  • Securing deployer role for same & cross-account deployments
  • Scanning app dependencies for vulnerabilities
• API security
  • Authentication and authorization
  • Networking
  • WAF
  • Throttling
  • Monitoring
• Network security
  • VPC
  • Security Group
  • Network ACL
  • AWS Shield
• Data security
  • Server-side encryption
  • RDS
• General AWS security
  • Account organization (feat. AWS Organizations and Control Tower)
  • Protecting against credential leaks
  • Monitoring suspicious activities
  • DevSecOps automation with Lambda
  • Overview of SecurityHub, TrustedAdvisor, Macie, etc.

Booking

[contact-form-7 id=”8698″ title=”Workshop request”]