- Basic Linux skills (Bash scripting, start/stop service, create a user, basis sysadmin)
- Basic Ruby/Rails (install Ruby, Rails, Gems, write basic Ruby scripts)
- Networking Basics (common network protocols & ports)
- Introductions
- What is DevSecOps?
- Lab Guides
- Ruby
- Rails
- Bash Scripting
- AWS CLI
- AWS SDK
- Basic AWS Deployment
- Deploy vulnerable app to AWS.
- Attack the app using different techniques (e.g. OWASP Top 10)
- Tools of the trade:
- Nmap
- Metasploit
- SQLMap
- Learn tools to detect attacks, instrument app to detect attacks
- Execute Incident response (contain / burn it down)
- Keep the app alive (tension of burn-down the compromised one vs service availability)
- Splunk / Log collection
- Application Logs
- Developing for Resilience.
- Service Oriented Architecture (SOA).
- Stacker
- Gauntlt
- AutoScale
- Least Privileges (IAM, OS hardening, run the app as a non-priv user)
- CloudWatch
- Control-Plane Pattern
- Account Takeover
- Privilege escalation
- Horizontal movement
- Bad patterns (VPN, network layer coupling, tight coupling, etc)
- Selfie
- Splunk alerts
- Incident response in AWS, respond faster
Capstone Project
- Hack lab – build an infrastructure from a template, make it better on the fly, keep it alive while others attack it and while attacking others (Capture the Flag).
- Demos