YoVDO

Mitigating Log4Shell and Similar Vulnerabilities Using Cloud Services

Offered By: ChariotSolutions via YouTube

Tags

Cloud Security Courses Network Security Courses AWS Security Courses Web Application Firewalls Courses Secrets Management Courses Log4Shell Courses

Course Description

Overview

Explore how cloud services can help mitigate vulnerabilities like Log4Shell in Java applications. Learn to block attacks, prevent data exfiltration, protect sensitive information, and perform forensic analysis in cloud environments. Discover strategies for securing web applications, implementing network security measures, and leveraging cloud-native features to enhance overall application security. Gain insights into using Web Application Firewalls, VPC Endpoints, Internet Proxies, and AWS-specific tools like Security Groups and Cloud Trail Events. Understand the importance of proper secrets management and multi-account strategies in maintaining a robust security posture for Java applications deployed in the cloud.

Syllabus

Intro
An Unanticipated Collision of Features
RCE May Not Be The Real Concern
Lift 'n' Shift Web App
Cloud-native Web App
Web Application Firewall
Real-world Apps Talk to the Outside World
Typical deployment: use a NAT
Simple case: Security Group egress rules
Alternative: VPC Endpoints
Alternative: Internet Proxy
Using a Proxy with the Java V2 SDK
Network Firewall
Application Roles
Multi-Account
Service Control Policies
Secrets, not Environment Variables
Cloud Trail Events


Taught by

ChariotSolutions

Related Courses

AWS Security Fundamentals
Amazon via Independent
AWS Security and Governance Administration for Professionals
Udemy
Designing for Advanced Security within AWS
Pluralsight
AWS Developer: Deployment and Security
Pluralsight
Securing AWS Networks
Pluralsight