YoVDO

Leveraging Google Cloud Armor, Security Scanner and the Data Loss Prevention API

Offered By: Pluralsight

Tags

Google Cloud Platform (GCP) Courses Access Control Courses Cloud Security Courses Data Loss Prevention Courses

Course Description

Overview

This course focuses on the design and implementation of security scanning, protection against Distributed Denial of Service (DDoS) attacks and security auditing. The course also covers the use of the Data Loss Prevention API in protecting sensitive data.

Recent years have witnessed a steady increase in the number of reported instances of data being compromised, stolen and even sold for ransom. In this course, Leveraging Google Cloud Armor, Security Scanner and the Data Loss Prevention API, you will gain the ability to mitigate threats of DDoS attacks using Cloud Armor, scan your App Engine and Compute Engine web apps using Security Scanner, enforce audit rules using Forseti and use the Data Loss Prevention API to control access to sensitive data. First, you will learn how to use Cloud Armor to mitigate the threat of DDoS attacks directed at your HTTP(S) load balanced applications. Cloud Armor will enforce these rules at the edge of the Google network and prevent unwanted requests from permeating into the interior of your VPC network. Next, you will discover how to use the Security Scanner to identify potential vulnerabilities in your App Engine and Compute Engine web apps. These currently include checks for cross-site scripting, flash injection, mixed content, clear-text passwords, invalid headers and the use of outdated libraries. This list of vulnerabilities is constantly being added to, which means that your Security Scanner reports will change and get richer and better over time. You will also use Forseti, a third-party tool that is used to conduct security audits of IAM policies and compare the actual and desired state of system resources. Finally, you will explore how to use the Data Loss Prevention API to control access to sensitive data. The DLP API has a long list of country-specific types of sensitive data type - US Social Security Numbers and the tax identifiers of several countries. The API has built-in detectors to return probabilities that a given data item matches a certain type of sensitive data. It is also possible to add custom detectors, and to use powerful techniques for redaction and de-identification of such data. When you’re finished with this course, you will have the skills and knowledge of various security auditing and protection services to protect against DDoS attacks, as well as identify vulnerabilities in your apps and project settings to help identify and protect sensitive data.

Syllabus

  • Course Overview 2mins
  • Using Cloud Armor to Protect Against DDoS Attacks 35mins
  • Using Cloud Security Scanner to Identify App Vulnerabilities 39mins
  • Using the Cloud Data Loss Prevention (DLP) API for Data Protection 54mins

Taught by

Janani Ravi

Related Courses

APIs
Meta via Coursera
Architecting with Google Kubernetes Engine en Español
Google Cloud via Coursera
Authentication and Authorization with AWS Identity and Access Management (Japanese) (日本語吹き替え版)
Amazon Web Services via AWS Skill Builder
AWS Security Fundamentals
Amazon Web Services via AWS Skill Builder
AWS Security Fundamentals (Second Edition) (French)
Amazon Web Services via AWS Skill Builder