DevSecOps & AWS Cloud Security

Security integrated into every phase of the software delivery lifecycle — from code to cloud.

P

Plan

Threat Model

▶

C

Code

Secure Code

▶

B

Build

SCA

▶

T

Test

SAST / DAST

▶

R

Release

Sign / Verify

▶

D

Deploy

IAM / EKS

▶

O

Operate

Security Hub

▶

M

Monitor

CloudTrail

Continuous Security — every stage has a security gate

30

Explainers

13

Labs

19

Docs

7

Categories

Day 1 · 4 hrs

DevSecOps Fundamentals

Threat modeling, STRIDE/DREAD/PASTA, pipeline security, SAST/DAST/SCA

▶

Day 2 · 2.5 hrs

AWS Cloud Security

Security principles, shared responsibility, CodePipeline, CloudTrail

▶

Day 2 · 1.5 hrs

Advanced AWS Security

EKS security, Security Hub, IAM best practices, MFA

No topics match your search.

🛡

DevSecOps Fundamentals

6 topics

What Is DevSecOps?

DevSecOps overview, shift-left security, best practices, and tools landscape

Threat Modeling Fundamentals

Proactive threat identification, 4-step process, tools, and banking use case

STRIDE, DREAD & PASTA

Three threat modeling frameworks compared — scoring, stages, and real-world examples

DevSecOps Pipeline Security

Pipeline phases from Plan to Monitor with security gates at every stage

DevSecOps Tools Landscape

Tool categories, selection criteria, and integration patterns

Debugging in DevSecOps

Strategies for debugging security issues in CI/CD pipelines

🔍

Application Security Testing

5 topics

SAST — Static Analysis

Analyze source code without execution — Semgrep, SonarQube, Checkmarx

DAST — Dynamic Analysis

Test running applications for vulnerabilities — OWASP ZAP, Burp Suite

SCA — Dependency Analysis

Open-source vulnerability scanning — OWASP Dependency-Check, Snyk

SAST vs DAST vs SCA

Side-by-side comparison — what they test, when they run, and trade-offs

Penetration Testing

Types, methodologies, and automated pen testing with OWASP ZAP

🔐

Secure Development

2 topics

Vulnerability Management

Full lifecycle — discover, prioritize, remediate, and verify vulnerabilities

Secure Coding Techniques

Input validation, output encoding, authentication, and error handling

🎯

Security Principles

4 topics

Security Principles

Defense in Depth, Least Privilege, Authentication vs Authorization

Confidentiality, Integrity, Availability — the three pillars of information security

The 10 most critical web application security risks explained

CIS Controls Framework

All 18 CIS Controls grouped by Implementation Groups

☁

AWS Cloud Security

5 topics

AWS Shared Responsibility Model

What AWS secures vs what you secure — mapped by service type

CodePipeline Security

Data protection, IAM, KMS encryption, and compliance in CI/CD

Debugging AWS Security

Debug IAM, CodePipeline, and security group misconfigurations

IAM Best Practices

MFA, least privilege, roles over access keys, CloudTrail monitoring

Threat Modeling: E-Commerce

Real-world case study applying threat modeling to payment systems

🛡

AWS Security Services

5 topics

Amazon EKS Security

EKS architecture, private endpoints, certificate signing, IRSA

AWS Security Hub

Centralized security view, automated compliance checks, findings

Amazon GuardDuty

Intelligent threat detection using CloudTrail, VPC Flow Logs, DNS

Key types, envelope encryption, rotation, and service integration

Amazon Inspector

Automated vulnerability scanning for EC2 and container workloads

🔒

Data Protection

2 topics

ML-powered sensitive data discovery and PII detection in S3

Resource inventory, configuration compliance, and remediation rules