Nearly all applications contain some kind of sensitive personal information belonging to their users. In a modern cloud environment, data like this is always in transit, and securing it is a major challenge in itself. You’ll find this course to be a detailed, comprehensive look at AWS secrets management in cloud-native environments: what works, what doesn’t, and everything you need to know to manage confidential data in AWS as securely as possible.
This course on secrets in AWS begins with an introduction where we talk about instances of bad AWS secrets management that have caused real-world security incidents. Using hands-on labs, you’ll learn common antipatterns, taking a Red Team approach to find secrets with various tools in different environments.
We’ll show you the best practices in secrets management and encryption with Amazon KMS, AWS Secrets Manager and Parameter Store. All of this will be taught with the help of practical labs deployed on the cloud so they serve as realistic simulations of cloud-native environments.
The material on this course is a distillation of years of security testing experience, knowledge, and original research across our entire team. It’s why we’ve put such a strong focus on real-world techniques, challenges and scenarios that you’ll be able to directly make use of when securing actual cloud deployments.
A Tour of AWS Key Management Service (KMS)
Implementing AWS Secrets and Encryption in a Real-World App