YoVDO

Securing Cloud Delivery Pipelines - Findings From A Blue-Red Team Security Simulation

Offered By: Security BSides London via YouTube

Tags

Security BSides Courses DevOps Courses Architecture Courses Secure Software Development Courses Cloud Security Courses

Course Description

Overview

Dive into the world of cloud security with this 40-minute conference talk from Security BSides London. Explore the findings from a Blue/Red Team security simulation focused on securing cloud delivery pipelines. Learn about the current state of cloud security, essential tooling, and strategies to defend against advanced, motivated attackers. Discover real-world examples through case studies like Tin Tulip and The Creative Licensing Agency. Gain insights on implementing trusted pipelines, utilizing accounts as bulkheads, and improving architecture for enhanced security. Examine the importance of code review and adopt best practices and processes to strengthen your cloud delivery pipeline. Conclude with actionable takeaways and access to valuable repositories for further exploration and implementation.

Syllabus

Intro
State of
Tooling up
Advanced, motivated attackers
Tin Tulip
The Creative Licensing Agency
Trusted pipeline
Pipeline learnings
Accounts as bulkheads
Architecture learnings
Code review
Practices and processes learnings
Conclusions
Check out the repos!


Taught by

Security BSides London

Related Courses

Structure Standing Still: The Statics of Everyday Objects
University of Florida via Coursera
Designing Cities
University of Pennsylvania via Coursera
An Exploration of Symmetry (Eligible for NTU Credit)
Nanyang Technological University via Coursera
EUROPA 2020: Regeneración urbana
Universitat Jaume I via Independent
Future Cities
ETH Zurich via edX