Securing Cloud Delivery Pipelines - Findings From A Blue-Red Team Security Simulation
Offered By: Security BSides London via YouTube
Course Description
Overview
Dive into the world of cloud security with this 40-minute conference talk from Security BSides London. Explore the findings from a Blue/Red Team security simulation focused on securing cloud delivery pipelines. Learn about the current state of cloud security, essential tooling, and strategies to defend against advanced, motivated attackers. Discover real-world examples through case studies like Tin Tulip and The Creative Licensing Agency. Gain insights on implementing trusted pipelines, utilizing accounts as bulkheads, and improving architecture for enhanced security. Examine the importance of code review and adopt best practices and processes to strengthen your cloud delivery pipeline. Conclude with actionable takeaways and access to valuable repositories for further exploration and implementation.
Syllabus
Intro
State of
Tooling up
Advanced, motivated attackers
Tin Tulip
The Creative Licensing Agency
Trusted pipeline
Pipeline learnings
Accounts as bulkheads
Architecture learnings
Code review
Practices and processes learnings
Conclusions
Check out the repos!
Taught by
Security BSides London
Related Courses
Structure Standing Still: The Statics of Everyday ObjectsUniversity of Florida via Coursera Designing Cities
University of Pennsylvania via Coursera An Exploration of Symmetry (Eligible for NTU Credit)
Nanyang Technological University via Coursera EUROPA 2020: Regeneración urbana
Universitat Jaume I via Independent Future Cities
ETH Zurich via edX