CloudAcademy
  1. Home
  2. Content Library
  3. Amazon Web Services
  4. Courses
  5. Intrusion Detection and Prevention on Amazon Web Services

Introduction

The course is part of these learning paths

Security - Specialty Certification Preparation for AWS

course-steps 22 certification 1 lab-steps 11

Advanced Networking – Specialty Certification Preparation for AWS

course-steps 18 certification 1 lab-steps 6 quiz-steps 1

Contents

keyboard_tab
Course Introduction
1
Introduction4m 21s
Intrusion Detection and Prevention
2
IDS/IPS in Detail5m 13s
3
Rule Writing6m 43s
4
Responding to Incidents4m 9s
5
Architecting for IDS/IPS7m 51s
6
Administering and Managing on IDS/IPS7m 7s
7
Partner Solutions1m 1s
Course Conclusion
8
Summary1m 17s
play-arrow
Start course
Overview
Transcript
DifficultyIntermediate
Duration38m
Students316

Description

Course Description:

In this course we will discuss the fundamentals of Intrusion Detection and Prevention on Amazon Web Services. We will explore the difference between IDS and IPS, and the difference between host-based Intrusion Prevention, and Network based Intrusion prevention. We’ll also discuss the various AWS architectures, how do you place an IPS, how do you write rules, how do you respond to the incidents that have been detected, and finally the partner solutions available for intrusion prevention with Amazon web services.

Intended audience:

  • This course is for developers or operations engineers looking to deploy security solutions applications in production AWS platform
  • People studying for the AWS Security Specialty Certification exam

Pre-requisites:

  • Implementation experience with enterprise security packages
  • Familiarity with industry compliance and security standards including PCI DSS, ISO 27001, HIPAA, and NIST
  • Experience on architectures meeting industry standards such as SAS70, SOC1, FISMA etc.
  • Fundamental understanding of TCP/IP protocols and packet analysis

Learning objectives:

  • Recognize and explain the basics of Intrusion detection/prevention
  • Recognize and explain best practices in designing intrusion detection/prevention architecture
  • Recognize and explain the different types of rules that can be written
  • Recognize and explain core concepts of Incident response
  • Recognize and be able to implement how to go about writing rules
  • Gain an introduction to the various partner solutions available for IDS/IPS on AWS

This Course Includes:

35 minutes of high-definition video.

What You'll Learn:

  • Course Intro: What to expect from this course:
  • Fundamentals of Intrusion Detection and Preventions: In this lesson we’ll define intrusion detection, and discuss AWS responsibility for security in the cloud, firewalls, and alerts.
  • IDS/IPS in Detail: In this lesson we’ll dig deeper into the system architecture associated with IDS/IPS.
  • Rule Writing: In this lesson we’ll go through rule options.
  • Responding to Incidents: In this lesson we’ll look at how incidents are detected and the process for responding to them.
  • Architecting IDS/IPS for AWS: In this lesson we’ll look at the various flavors of AWS architectures available and how we will architect the location and the placement of IDS and IPS devices in these architectures.
  • Administering and Managing the IDS/IPS: In this lesson we’ll spend some time talking about some best practices in administering and managing your IDS and IPS.
  • Partner Solutions: In this lesson we’ll look at the partners who offer IPS.
  • Conclusion: A summary and review of what you have learned.

About the Author

Vish Chidambaram is an Award-winning Enterprise Security Leader with 18+ years of experience skilled in areas spanning Automation, Security Operation Analytics and Reporting, Threat Management Life cycle, Agile/DevOps environments, SaaS/Cloud security, Business Development/Consulting, Program Management and more. Most Recently Vish was the CISO at Rubicon Project, which is a SaaS based ad marketplace where he was responsible for securing a high performance SaaS platform with 40billion transactiions per day. He pioneered the integration of security in DevOps, by using automation, orchestration and machine learning tools He is passionate about teaching security and believes staying current is particularly relevant in the security industry. He also mentors security professionals and advises them thru career transitions. and details can be found at datacoreacademy.com or writing to info@datacoreacademy.com His linked in page is https://www.linkedin.com/in/vish-chidambaram/