Advanced Security

Defending Cloud-Based Applications

Course Learning Objectives

  • Describe what cloud computing is and its advantages.
  • Discover what are the common cloud delivery and deployment models.
  • Learn about the attack vectors associated with cloud computing.
  • Differentiate between various attacks that could be targeting your cloud application.
  • Apply security design principles when developing cloud-based applications.
  • Utilize sound cloud security testing techniques.
  • Recognize the security risks and concerns with adopting to cloud computing.

Description

This course aims to teach you about common security concerns surrounding cloud-based applications and to some extent, cloud providers. You will also learn about best practices and security concepts involved when creating applications for the cloud, all the way from requirements to deployment.

Audience

Cloud application developers

Time Required

Tailored learning - 60 minutes total

Course Outline

  1. Cloud Computing Fundamentals
    • What is cloud computing?
    • Why cloud?
    • Cloud delivery models
    • Cloud deployment models
    • Barriers to cloud adoption
    • Characteristics of cloud-based applications
    • Security concerns
  2. Security Objectives
    • Cloud security objective
    • Confidentiality
    • Integrity
    • Availability
    • Cloud attack vectors
    • Insecure APIs
    • Shared technology
    • Cloud service providers
    • Cloud users
    • Attacks associated with cloud-based applications
    • Availability based attacks
    • Data security based attacks
    • Network security based attacks
    • Identity management based attacks
  3. Security ObjectivesSecure SDLC
  4. Cloud application security requirements
  5. Authentication and identification
  6. Authorization
  7. Auditing
  8. Cloud security design principles
  9. Secure development practices
  10. Choosing a language
  11. Coding practices
  12. Managing user input
  13. Handling data
  14. Cloud application security testing
  15. Security test plan
  16. Security testing techniques
  17. Cloud application secure deployment
  18. Security ObjectivesSecurity Concerns and Challenges
  19. Standards and compliance
  20. Cloud standards working group
  21. Case study: Google apps
  22. Privacy compliance
  23. Privacy policy
  24. Access control and identity management
  25. Enterprise identity provider
  26. Identity management-as-a-service
  27. Encryption and key management
  28. Software-based protections
  29. VM architecture
  30. + Expand Course Outline

$200.00 *prices shown in USD Add to Cart or Subscribe your team