Recommended
Recommended
More Related Content
Similar to Free Course - Infrastructure Security Consultant course by Carlo Dapino
Similar to Free Course - Infrastructure Security Consultant course by Carlo Dapino (20)
Recently uploaded
Recently uploaded (20)
Free Course - Infrastructure Security Consultant course by Carlo Dapino
- 1. Infrastructure Security Consultant Course By Carlo Dapino _______________ INTRO COURSE 2021 - Copyright All Rights reserved - Security Boutique is a registered trademark
- 2. 2021 - Copyright All Rights reserved - Security Boutique is a registered trademark user@hostname:~$ whoami __________________
- 3. 2021 - Copyright All Rights reserved - Security Boutique is a registered trademark Target __________________ Visualize the big picture Review that, thinking like an attacker Connect the dots Evaluate Security Posture Propose changes
- 4. 2021 - Copyright All Rights reserved - Security Boutique is a registered trademark Audience __________________ Security Professionals CTOs IT staff Curious individuals
- 5. 2021 - Copyright All Rights reserved - Security Boutique is a registered trademark Chapter 1 - Infra Design security: - Overview infrastructure design - Web stack error response Vs. security and discovery - SSL end-points - double hop and various designes - on-prem. Vs. cloud infra design - end to end encryption Vs. security - API design Vs. security - CDN design Vs. security - VPN and headache (split tunnel, etc) - MPLS and headache (lateral move, etc) - trusted Vs. untrusted domain...can something be trusted? - DNS (in)security...why in cloud most implementation sucks - End point and no sense dogma - IAM, AAA, ZTA, SASE and a lot of marketing around - common architecture errors - common implementation issues Syllabus
- 6. 2021 - Copyright All Rights reserved - Security Boutique is a registered trademark Chapter 2 - Security controls design: - Reliability Engineering Vs. security - In Line and inspection design not always a solution - TAP issues (on-prem, cloud) - SSL certs management issues - API nightmare - ephemeral containers - How to standarize controls in a scattered IaaS, Paas and FaaS world - Service Mesh, VPC and SD-WAN networking issues - A/B testing and security - CI/CD+SecDevOps+SOAR when you thought to create a perfect cycle and you end-up with a Matrioska - DFIR automation and so little discussed - Orchestrator compromise and Management access attacks - Secrets and Vaults - Hardening, why it is your friend - DNS security also with DoH, etc - Application routing controls (SD-WAN, CDN, LB) Syllabus
- 7. 2021 - Copyright All Rights reserved - Security Boutique is a registered trademark Chapter 3 - Security integrator is the role you miss: - how to evaluate a security product - how to analyze redundancy of security controls - securing automation - obtain a unique view - agility != stupidity - Plug-in incident response at the right layer - DLP all talking about that but... - Chaos engineering applied to security Chapter 4 - Future picture - Attacker RaaS and Automation Vs. you - limit of MITRE ATT&CK - Session Hijack and your 3FA is gone - Device auth Vs. User auth, so much confusion around it - SOAR playbook anticipating your game - redirect all your traffic is the Ddos and availability attack of the future - Multi-cloud and hybrid deployment Vs. lateral move and new east<>west - JS/DOM and why your controls aren't up for the game Syllabus
- 8. 2021 - Copyright All Rights reserved - Security Boutique is a registered trademark Chapter 5 - Wrap-up - How keep in check the security posture Vs. infra road map - Understand how threats are becoming modular by frameworks and how you can spot it - Re:think design boundaries, especially about lateral move - Re:think collaboration across the organization also in terms of roles ______________________ COURSE is FREE ______________________ STAY TUNED and SUBSCRIBE https://www.youtube.com/channel/UCK0Z7e2riiRT8hRFvPfiMcw Syllabus