YoVDO

Improving the Security of Software Defined Infrastructures - AppSec EU 2017

Offered By: OWASP Foundation via YouTube

Tags

Infrastructure Security Courses Cybersecurity Courses DevOps Courses Puppet Courses Chef Courses Configuration Management Courses Vulnerability Assessment Courses Secret Management Courses Source Code Analysis Courses

Course Description

Overview

Save Big on Coursera Plus. 7,000+ courses at $160 off. Limited Time Only!
Explore the security challenges and best practices for Software Defined Infrastructures (SDI) in this 26-minute conference talk from AppSec EU 2017. Delve into the advantages and potential vulnerabilities of configuration management tools like Puppet and Chef. Learn about the attack surface and threats in SDI deployments, and discover techniques for identifying vulnerabilities through source code analysis. Gain insights from real-world security reviews and understand how to remediate common security issues. Cover topics including insufficiently protected interfaces, insecure handling of secrets, encryption of configuration values, logging configuration changes, credential management, untrusted code, and implementing a robust security lifecycle. Benefit from practical examples and lessons learned to improve the security of your SDI implementations.

Syllabus

Introduction
About Theodoor
Explanation
Software Defined Infrastructure
SPI Architecture
Advantages of SPI
SPI as an attack factor
Insufficiently protected interfaces
Insecure handling of secrets
Encrypt Configuration Values
Logging Configuration Changes
Credentials
Untrusted Code
Security Lifecycle
Examples


Taught by

OWASP Foundation

Related Courses

Desarrollo de Aplicaciones Web: Prueba y Despliegue
University of New Mexico via Coursera Infrastructure as Code
Microsoft via edX Configuration Management and the Cloud
Google via Coursera DevOps Foundations: Software Development Optimization
Universidad AnĂ¡huac via edX Fundamentos de DevOps: Optimiza el desarrollo del software
Universidad AnĂ¡huac via edX