Five-Project Series

AWS Security: Audit and Intrusion Detection Automation

prerequisites
  • basic knowledge of *nix/bash command shell
  • basic knowledge of the Git version control system
  • hands-on experience with AWS CloudFormation
  • intermediate knowledge of AWS accounts and AWS Organizations
skills learned
  • automate security control configuration, develop mechanisms for test automation and change control based on CI/CD
  • restrict access to resources with organizations service control policies
  • hands-on experience with AWS CloudTrail, Amazon GuardDuty, AWS Identity and Access Management, AWS Lambda, Amazon CloudWatch Logs, and AWS CodeBuild
Earn a Certificate of Completion with this liveProject series
Eric Kascic
5 weeks · 6-8 hours per week average · INTERMEDIATE
includes 5 liveProjects

Making the front page news would be great for a company...if it’s for the right reasons. Qrypto Tremolo is an up-and-coming startup that develops next-generation financial services. As is typical with startups, its business management team has prioritized feature delivery over security. You’ve been hired by the startup to add security controls to its application developers’ accounts…and stop the company from making front page news for the wrong reasons.

Your goal is to provide security controls that improve observability of possible security events and avoid impacting the application developers. Since this task is solely your responsibility, you must maximize automation so that you can roll out changes quickly and reliably. To achieve your goals, you’ve chosen the following security services: AWS CloudTrail, Amazon GuardDuty, and the service control policy feature of AWS Organizations.

For more on AWS security, please see AWS Security: Compliance and Observability.

These projects are designed for learning purposes and are not complete, production-ready applications or solutions.
How to get your FREE
Certificate of Completion
  • Finish all the projects in this liveProject series
  • Take a short online test
  • Answer questions from the liveProject mentor
That's it!

The topics and techniques are important and very useful. It's hard to collect all this on yourself, so packaged in a project is nice.

Håvard Wall

here's what's included

Project 1 CloudTrail Automation

In this liveProject, you’ll bring visibility to customer AWS accounts using AWS CloudTrail, a vital tool that provides insight into all API actions invoked in consumer accounts. To achieve your objective, you’ll iteratively develop infrastructure as code in the form of AWS CloudFormation templates, then learn to address cross-account automation issues.

Project 2 CloudTrail Test and CI/CD

In this liveProject, you’ll ensure that Qrypto Tremolo’s security team can make incremental, verifiable changes to its AWS CloudTrail configuration. To achieve this, you’ll develop a suite of automated tests and CI/CD CodeBuild pipelines to deploy and test changes across the organization.

Project 3 GuardDuty Intrusion Detection

In this liveProject, you’ll set up the intrusion detection service Amazon GuardDuty to help catch any hackers who may be trying to break in—or who already have and are up to no good! To achieve this goal, you’ll iteratively develop infrastructure as code in the form of AWS CloudFormation templates, then learn to address cross-account automation issues.

Project 4 GuardDuty Test and CI/CD

In this liveProject, you’ll ensure that the security team can make incremental, verifiable changes to its Amazon GuardDuty intrusion detection configuration. You’ll develop a suite of automated tests and CI/CD AWS CodeBuild pipelines to deploy and test changes across the organization.

Project 5 Organizations Service Control Policy

In this liveProject, you’ll leverage organizations service control policies to protect administrative and security resources in the accounts used by development teams where these teams have privileged access. Specifically, you will add automation to restrict access of local administrators (and intruders!) to any AWS CloudTrail and Amazon GuardDuty resources located in the accounts. Without these protections, the security controls we have put in place for audit, forensic analysis, and intrusion detection can be interfered with by the local administrators.


book resources

When you start each of the projects in this series, you'll get full access to the following books for 90 days.

The free project does not include full access to these Manning books. Purchase the full series to unlock this access in the free project, too!

project author

Eric Kascic

Eric Kascic is a software developer with 25 years of professional experience. He has developed software solutions across a variety of business domains including telecommunications, medical imagery, and financial services. He has developed embedded, desktop, and server-side software, and has specialized in creating build, deployment, and test automation systems.

Since 2013, he has primarily focused on the AWS platform. At Stelligent, a boutique consulting firm that traditionally specialized in CI/CD, DevOps, and AWS automation, he developed CI/CD solutions for the AWS platforms of financial services companies. In developing infrastructure-as-code solutions, security was a primary focus. Eric invented the cfn_nag tool in 2016 to perform static analysis on CloudFormation templates to help customers prevent deploying unsecured AWS resources (such as those missing encryption or with overly permissive access).

He is currently a principal security engineer at a financial services company where he develops software to support security processes including automation of AWS IAM role creation, as well as a platform to detect and remediate insecure AWS resources across hundreds of accounts. Eric has published several articles relevant to security automation in AWS, including articles about cfn_nag, IAM, CloudFormation, and CI/CD.

Prerequisites

This liveProject series is intended for security engineers with intermediate experience in AWS and infrastructure as code. You will need the following:

TOOLS
  • Basic knowledge of *nix/bash command shell, including pipes, redirection, command substitution
  • Intermediate knowledge of Python 3, including lists, sets, dicts, loops, comprehensions, functions, conditionals
  • Basic knowledge of the Git version control system
  • Basic hands-on experience with AWS CloudFormation
  • Intermediate hands-on experience with the AWS CLI
TECHNIQUES
  • Intermediate understanding of cloud computing and the AWS platform
  • Basic understanding of “infrastructure as code”
  • Basic understanding of security concepts

Note: For all projects in this series, be aware that deploying AWS resources and leaving them running costs money. The costs depend on the type of resource.

you will learn

This liveProject series guides learners through building the automation to configure security controls for AWS accounts. It focuses on audit and intrusion detection by automating the configuration of AWS CloudTrail, Amazon GuardDuty, and organizations service control policies. The primary objective is developing mechanisms for test automation and change control based on principles of continuous integration/continuous delivery.

  • Automate AWS CloudTrail configuration
  • Develop automated tests
  • Develop CI/CD CodeBuild pipelines
  • Set up Amazon GuardDuty’s intrusion detection system
  • Restrict access to resources with organizations service control policies
  • Search AWS CloudTrail events through Amazon CloudWatch Logs
  • Develop infrastructure as code with AWS CloudFormation templates

features

Self-paced
You choose the schedule and decide how much time to invest as you build your project.
Project roadmap
Each project is divided into several achievable steps.
Get Help
While within the liveProject platform, get help from other participants and our expert mentors.
Compare with others
For each step, compare your deliverable to the solutions by the author and other participants.
Certificate of Completion
Earn a certificate of completion, including a badge to display on your resume, LinkedIn page, and other social media, after you complete this series.
book resources
Get full access to select books for 90 days. Permanent access to excerpts from Manning products is also included, as well as references to other resources.

The cloud security market is booming. The content offered for the project is quite good.

El Mokhtar Hasnabi