Mastering Security Tools on Amazon Cloud- AWS [updated]

When you are building your career around Cloud Computing, specially AWS, you are not just expected to develop and host an application full of features with great User Interface. But you have to keep all your resources compliant and Secure. Most of the people who take Cloud certifications, usually forget to learn AWS Security tools and services, or if they learn, they can spend adequate time for learning various security features. This is helps you learn and master various Security tools and services available on AWS Cloud. In this course you will learn about the following services:

AWS Artifact

No cost, self-service portal for on-demand access to AWS compliance reports for cloud resources.

CloudHSM

It is a cloud-based hardware security module (HSM) that enables you to easily generate and use your own encryption keys on the AWS Cloud. With CloudHSM, you can manage your own encryption keys. CloudHSM offers you the flexibility to integrate with your applications using industry-standard APIs, such as Java Cryptography Extensions (JCE), Microsoft CryptoNG (CNG) libraries and more.

Certificate Manager

It is a service that lets you easily provision, manage, and deploy public and private SSL/TLS (Secure Sockets Layer/Transport Layer Security) certificates for use with AWS services and your internal connected resources.

Secrets Manager

It helps you protect secrets needed to access your applications, services, and IT resources. The service enables you to easily rotate, manage, and retrieve database credentials, API keys, and other secrets throughout their lifecycle. Users and applications retrieve secrets with a call to Secrets Manager APIs, eliminating the need to hardcode sensitive information in plain text.

Directory Service

It provides multiple ways to use Microsoft Active Directory (AD) with other AWS services. Directories store information about users, groups, and devices, and administrators use them to manage access to information and resources.

Guard Duty

It is a threat detection service that continuously monitors for malicious activity and unauthorized behavior to protect your AWS accounts, workloads, and data stored in Amazon S3.

Inspector

It is an automated security assessment service that helps improve the security and compliance of applications deployed on AWS.

Amazon Inspector automatically assesses applications for exposure, vulnerabilities, and deviations from best practices.

Single Sign-On

It is a cloud service that allows you to grant your users access to AWS resources, such as Amazon EC2 instances, across multiple AWS accounts.

WAF and Shield

It is a web application firewall that lets you monitor the HTTP and HTTPS requests that are forwarded to an Amazon CloudFront distribution, an Amazon API Gateway REST API, or an Application Load Balancer. AWS WAF also lets you control access to your content.