Application Security Posture Management: Security from the Supply Chain to Cloud Runtime

سرفصل های دوره

This course covers the core concepts and skills required to secure a modern, cloud-native application. Join instructor and security engineer James Berthoty as he provides a comprehensive overview of the emerging field of application security posture management (ASPM) and how it integrates a variety of different security tools used to secure applications from supply chain and other threats. Explore the fundamentals of code security, container security, runtime security, and remediating findings. Along the way, test out your new skills in the exercise challenges at the end of each section. Upon completing this course, you’ll be prepared to successfully argue for the value of different security tools in your development workflows, as well as implement a full program to operationalize those tools.

01 - Introduction

01 - Risks are everywhere

02 - What you should know

03 - How modern web applications are deployed

04 - DevOps best practices

05 - Security challenges in a DevOps world

06 - Everything you could possibly scan

07 - What youll actually want to do

08 - Challenge Diagram a workflow

09 - Solution Diagram a workflow

02 - 1. Code Security

01 - Challenges with securing code

02 - Static application security testing (SAST)

03 - Software bill of materials (SBOM)

04 - Software composition analysis (SCA)

05 - Secret scanning

06 - Infrastructure as code scanning

07 - Challenge Run your own scan

08 - Solution Run your own scan

03 - 2. Container Security

01 - Challenges with securing supply chains

02 - Secure software development lifecycle (SSDLC)

03 - Container vulnerability scanning

04 - Securing DevOps runners

05 - Approaches to container scanning

06 - Challenge Compare container base images

07 - Solution Compare container base images

04 - 3. Runtime Security

01 - Dynamic application security testing (DAST)

02 - Cloud security posture management (CSPM)

03 - Emerging runtime security CADR and beyond

04 - Challenge Tell the attack story

05 - Solution Tell the attack story

05 - 4. Remediating Findings

01 - Getting it all done

02 - Operationalizing remediation programs

03 - What buy-in do you need

04 - Point solutions vs. all-in-one platforms

05 - Challenge Prioritize and remediate

06 - Solution Prioritize and remediate

06 - Conclusion

01 - Continuing on with application security

189,000 تومان

افزودن به سبد خرید

خرید دانلودی فوری

در این روش نیاز به افزودن محصول به سبد خرید و تکمیل اطلاعات نیست و شما پس از وارد کردن ایمیل خود و طی کردن مراحل پرداخت لینک های دریافت محصولات را در ایمیل خود دریافت خواهید کرد.

تولید کننده: LinkedIn Learning (Lynda)