AutoScaling Web Application Security in the Cloud
Offered By: OWASP Foundation via YouTube
Course Description
Overview
Explore auto-scaling web application security in cloud environments through this conference talk from AppSecUSA 2014. Learn practical approaches for securing rapidly scaling cloud applications, with a focus on Amazon Web Services. Discover common techniques and tools for auto-scaling security, including Chef/Puppet, CloudFormation, and Elastic Load Balancer. Understand the role of auto-scaling groups, management APIs, and scaling triggers in deploying web security infrastructure. Examine the impact of Platform-as-a-Service on application security and strategies for embedding controls directly into web applications. Gain insights into designing scalable security architectures, abstracting application security components, and implementing CloudFormation templates for efficient deployment. While primarily aimed at advanced audiences with strong networking and cloud security experience, this talk also offers valuable information for intermediate attendees involved in cloud security strategy and requirements.
Syllabus
Introduction
Topics We'll Cover
Cloud Architecture is Evolving
Security vs DevOps
Basic Auto Scaling Tools
Basic Auto Scaling Capabilities
Elastic Load Balancer
Configuring Auto Scaling in AWS
Creating an Auto Scaling Group
Create Auto Scaling Policy
Auto Scaling In Action
Designing for Scale
Architecture Principles
Auto Scaling Web App Firewalls?
Abstracting Application Security Components
1. Separate Processing & Control Planes
Reduce and Abstract Interactions
Store Persistent Data on EBS
Web Traffic Flow
Complete Stack - Prior to Automation
Using CloudFormation Templates
Command Line Example
Base WAF Stack Ready
10gbps Environment Test
Taught by
OWASP Foundation
Related Courses
Cloud Computing Applications, Part 1: Cloud Systems and InfrastructureUniversity of Illinois at Urbana-Champaign via Coursera Cloud Computing for Enterprises
University System of Maryland via edX Microsoft Professional Orientation : Cloud Administration
Microsoft via edX DevOps Practices and Principles
Microsoft via edX Google Cloud Fundamentals: Core Infrastructure en EspaƱol
Google Cloud via Coursera