• DevOpsCertification, India
  • contact@devopssupport.in
  • Home
  • Master in DevOps Engineering (MDE)

Master in DevOps Engineering (MDE)

We are Offering Online Training

Trained 8000+ Students Multiple Location Job Oriented Courses
Validate your technical skills and expertise with an industry-recognized credential and grow your career.
images

4.8/5.0

Reviews Rating

140 - 180

Hours Training

4036 +

Participants

10

Sets

Free Test

Format

Practice Exam

No. of Hands-on Labs

O Labs

No. of Questions

20 Questions

No. of Tests

1 Test

0/-
Practice Tests

Format

Practice Exam

No. of Hands-on Labs

O Labs

No. of Questions

20 Questions

No. of Tests

1 Test

99999/-
Online Course

Format

Practice Exam

No. of Hands-on Labs

O Labs

No. of Questions

20 Questions

No. of Tests

1 Test

99999/-

Real Exam Format and Information

Certification Name AWS Certified Solutions Architect Associate

Exam Duration 130 Minutes

Number of Questions 60-70

Exam Fee $150

Validity 3 years

Certification Exam Code SAA-C01 & SAA-C02

Exam Format Multiple Choice and Multiple Answer Type Exam

Passing Score 70-75%

Eligibility/Pre-requisite None

Exam Languages English, Japanese, Korean, and Simplified Chinese

Why Choose Us?

Practice Questions

7 Full-length Mock Exams (600+ unique AWS Solutions Architect Associate certification exam practice questions)

Online Course

17 hours 47 minutes Training Videos for all the certification exam objectives. You will be amazed by the way of explaining the concepts that are very easy to understand.

Experts Support

Our support team consists of AWS Experts, ready to clarify all your questions.

Section Quiz

10+ section quiz covering most important topics for the exam (VPC, S3, EFS, API Gateway, ECS, Lambda, EBS, STS, SNS, SQS, ELB, Route 53, etc.)

Labs

Free access to labs to test your knowledge on AWS environment. Covering all the important topics like S3, EC2, VPC, SNS, CloudWatch, DynamoDB, CloudFormation etc.

Testimonials/Feedback

AWS Solutions Architect Associate Exam Feedback from Our Customers

Agenda of the Training Master In DevOps Engineering Download Curriculum

SDLC Models & Architecture with Agile, DevOps, SRE & DevSecOps, SOA & Micro services - Concept

  1. Lets Understand about Software Development Model
  2. Overview of Waterfall Development Model
  3. Challenges of Waterfall Development Model
  4. Overview of Agile Development Model
  5. Challenges of Agile Development Model
  6. Requirement of New Software Development Model
  7. Understaning a existing Pain and Waste in Current Software Development Model
  8. What is DevOps?
    1. Transition in Software developement model
    2. Waterfall -> Agile -> CI/CD -> DevOps -> DevSecOps
  9. Understand DevOps values and principles
  10. Culture and organizational considerations
  11. Communication and collaboration practices
  12. Improve your effectiveness and productivity
  13. DevOps Automation practices and technology considerations
  14. DevOps Adoption considerations in an enterprise environment
  15. Challenges, risks and critical success factors
  16. What is DevSecOps?
    1. Lets Understand DevSecOps Practices and Toolsets.
  1. What is SRE?
    1. Lets Understand SRE Practices and Toolsets.
  2. List of Tools to become Full Stack Developer/QA/SRE/DevOps/DevSecOps
  3. Microservices Fundamentals
  4. Microservices Patterns
    1. Choreographing Services
    2. Presentation components
    3. Business Logic
    4. Database access logic
    5. Application Integration
    6. Modelling Microservices
    7. Integrating multiple Microservices
  5. Keeping it simple
    1. Avoiding Breaking Changes
    2. Choosing the right protocols
    3. Sync & Async
    4. Dealing with legacy systems
    5. Testing
  6. What and When to test
  7. Preparing for deployment
  8. Monitoring Microservice Performance
  9. Tools used for Microservices Demo using container

Ubuntu

  1. Installing CentOS7 and Ubuntu
  2. Accessing Servers with SSH
  3. Working at the Command Line
  4. Reading Files
  5. Using the vi Text Editor
  6. Piping and Redirection
  7. Archiving Files
  8. Accessing Command Line Help
  9. Understanding File Permissions
  10. Accessing the Root Account
  11. Using Screen and Script
  12. Overview of Hypervisor
  13. Introduction of VirtualBox
  14. Install VirtualBox and Creating CentOS7 and Ubuntu Vms

Vagrant

  1. Understanding Vagrant
  2. Basic Vagrant Workflow
  3. Advance Vagrant Workflow
  4. Working with Vagrant VMs
  5. The Vagrantfile
  6. Installing Nginx
  7. Provisioning
  8. Networking
  9. Sharing and Versioning Web Site Files
  10. Vagrant Share
  11. Vagrant Status
  12. Sharing and Versioning Nginx Config Files
  13. Configuring Synced Folders

  1. Introduction of AWS
  2. Understanding AWS infrastructure
  3. Understanding AWS Free Tier
  4. IAM: Understanding IAM Concepts
  5. IAM: A Walkthrough IAM
  6. IAM: Demo & Lab
  7. Computing:EC2: Understanding EC2 Concepts
  8. Computing:EC2: A Walkthrough EC2
  9. Computing:EC2: Demo & Lab
  10. Storage:EBS: Understanding EBS Concepts
  11. Storage:EBS: A Walkthrough EBS
  12. Storage:EBS: Demo & Lab
  13. Storage:S3: Understanding S3 Concepts
  14. Storage:S3: A Walkthrough S3
  15. Storage:S3: Demo & Lab
  1. Storage:EFS: Understanding EFS Concepts
  2. Storage:EFS: A Walkthrough EFS
  3. Storage:EFS: Demo & Lab
  4. Database:RDS: Understanding RDS MySql Concepts
  5. Database:RDS: A Walkthrough RDS MySql
  6. Database:RDS: Demo & Lab
  7. ELB: Elastic Load Balancer Concepts
  8. ELB: Elastic Load Balancer Implementation
  9. ELB: Elastic Load Balancer: Demo & Lab
  10. Networking:VPC: Understanding VPC Concepts
  11. Networking:VPC: Understanding VPC components
  12. Networking:VPC: Demo & Lab

  1. What is Containerization?
  2. Why Containerization?
  3. How Docker is good fit for Containerization?
  4. How Docker works?
  5. Docker Architecture
  6. Docker Installations & Configurations
  7. Docker Components
  8. Docker Engine
  9. Docker Image
  10. Docker Containers
  11. Docker Registry
  12. Docker Basic Workflow
  13. Managing Docker Containers
  14. Creating our First Image
  15. Understading Docker Images
  16. Creating Images using Dockerfile
  17. Managing Docker Images
  18. Using Docker Hub registry
  1. Docker Networking
  2. Docker Volumes
  3. Deepdive into Docker Images
  4. Deepdive into Dockerfile
  5. Deepdive into Docker Containers
  6. Deepdive into Docker Networks
  7. Deepdive into Docker Volumes
  8. Deepdive into Docker Volume
  9. Deepdive into Docker CPU and RAM allocations
  10. Deepdive into Docker Config
  11. Docker Compose Overview
  12. Install & Configure Compose
  13. Understanding Docker Compose Workflow
  14. Understanding Docker Compose Services
  15. Writing Docker Compose Yaml file
  16. Using Docker Compose Commands
  17. Docker Compose with Java Stake
  18. Docker Compose with Rails Stake
  19. Docker Compose with PHP Stake
  20. Docker Compose with Nodejs Stake

  1. Overview of Jira
  2. Use cases of Jira
  3. Architecture of Jira
  4. Installation and Configuraration of Jira in Linux
  5. Installation and Configuraration of Jira in Windows
  6. Jira Terminologies
  7. Understanding Types of Jira Projects
  8. Working with Projects
  9. Working with Jira Issues
  10. Adding Project Components and Versions
  11. Use Subtasks to Better Manage and Structure Your Issues
  12. Link Issues to Other Resources
  13. Working in an Agile project
  14. Working with Issues Types by Adding/Editing/Deleting
  15. Working with Custom Fields by Adding/Editing/Deleting
  16. Working with Screens by Adding/Editing/Deleting
  17. Searching and Filtering Issues
  18. Working with Workflow basic
  19. Introduction of Jira Plugins and Addons.
  20. Jira Integration with Github
  1. Exploring Confluence benefits and resources
  2. Configuring Confluence
  3. Navigating the dashboard, spaces, and pages
  4. Creating users and groups
  5. Creating pages from templates and blueprints
  6. Importing, updating, and removing content
  7. Giving content feedback
  8. Watching pages, spaces, and blogs
  9. Managing tasks and notifications
  10. Backing up and restoring a site
  11. Admin tasks

  1. Planning - Discuss some of the Small Project Requirement which include
  2. Login/Registertration with Some Students records CRUD operations.
  3. Design a Method --> Classes -> Interface using Core Python
    1. Fundamental of Core Python with Hello-world Program with Method --> Classes
  4. Coding in Flask using HTMl - CSS - JS - MySql
    1. Fundamental of Flask Tutorial of Hello-World APP
  5. UT - 2 Sample unit Testing using Pythontest
  6. Package a Python App
  7. AT - 2 Sample unit Testing using Selenium

Technology Demonstration

  1. Software Planning and Designing using JAVA
  2. Core Python
  3. Flask
  4. mySql
  5. pytest
  6. Selenium
  7. HTMl
  8. CSS
  9. Js.

  1. Introduction of Git
  2. Installing Git
  3. Configuring Git
  4. Git Concepts and Architecture
  5. How Git works?
  6. The Git workflow
    1. Working with Files in Git
    2. Adding files
    3. Editing files
    4. Viewing changes with diff
    5. Viewing only staged changes
    6. Deleting files
    7. Moving and renaming files
    8. Making Changes to Files
  1. Undoing Changes
    1. - Reset
    2. - Revert
  2. Amending commits
  3. Ignoring Files
  4. Branching and Merging using Git
  5. Working with Conflict Resolution
  6. Comparing commits, branches and workspace
  7. Working with Remote Git repo using Github
  8. Push - Pull - Fetch using Github
  9. Tagging with Git

  1. What is SonarQube?
  2. Benefits of SonarQube?
  3. Alternative of SonarQube
  4. Understanding Various License of SonarQube
  5. Architecture of SonarQube
  6. How SonarQube works?
  7. Components of SonarQube
  8. SonarQube runtime requirements
  9. Installing and configuring SonarQube in Linux
  10. Basic Workflow in SonarQube using Command line
  11. Working with Issues in SonarQube
  1. Working with Rules in SonarQube
  2. Working with Quality Profiles in SonarQube
  3. Working with Quality Gates in SonarQube
  4. Deep Dive into SonarQube Dashboard
  5. Understanding Seven Axis of SonarQube Quality
  6. Workflow in SonarQube with Maven Project
  7. Workflow in SonarQube with Gradle Project
  8. OWASP Top 10 with SonarQube

  1. Introduction to Apache Maven
  2. Advantage of Apache Maven over other build tools
  3. Understanding the Maven Lifecycle and Phase
  4. Understanding the Maven Goals
  5. Understanding the Maven Plugins
  6. Understanding the Maven Repository
  7. Understanding and Maven Release and Version
  8. Prerequisite and Installing Apache Maven
  9. Understanding and using Maven Archetypes
  10. Understanding Pom.xml and Setting.xml
  11. Playing with multiples Maven Goals
  12. Introducing Maven Dependencies
  13. Introducing Maven Properties
  14. Introducing Maven Modules
  15. Introducing Maven Profile
  16. Introducing Maven Plugins
  17. How can Maven benefit my development process?
  18. How do I setup Maven?
  19. How do I make my first Maven project?
  20. How do I compile my application sources?
  21. How do I compile my test sources and run my unit tests?
  22. How do I create a JAR and install it in my local repository?
  23. How do I use plugins?
  24. How do I add resources to my JAR?
  25. How do I filter resource files?
  26. How do I use external dependencies?
  27. How do I deploy my jar in my remote repository?
  28. How do I create documentation?
  29. How do I build other types of projects?
  30. How do I build more than one project at once?
  1. What is Gradle?
  2. Why Gradle?
  3. Installing and Configuring Gradle
  4. Build Java Project with Gradle
  5. Build C++ Project with Gradle
  6. Build Python Project with Gradle
  7. Dependency Management in Gradle
  8. Project Structure in Gradle
  9. Gradle Tasks
  10. Gradle Profile and Cloud
  11. Gradle Properties
  12. Gradle Plugins

Artifactory

  1. Artifactory
    1. Artifactory Overview
    2. Understanding a role of Artifactory in DevOps
    3. System Requirements
    4. Installing Artifactory in Linux
    5. Using Artifactory
    6. Getting Started
    7. General Information
    8. Artifactory Terminology
    9. Artifactory Repository Types
    10. Artifactory Authentication
    11. Deploying Artifacts using Maven
    12. Download Artifacts using Maven
    13. Browsing Artifactory
    14. Viewing Packages
    15. Searching for Artifacts
    16. Manipulating Artifacts

Packer

  1. Packer
  2. Getting to Know Packer
    1. What is Packer?
    2. Save What is Packer?
    3. Installing Packer
    4. Save Installing Packer
    5. The Packer workflow and components
    6. Save The Packer workflow and components
    7. The Packer CLI
    8. Save The Packer CLI
  3. Baking a Website Image for EC2
  4. Select an AWS AMI base
  5. Save Select an AWS AMI base
  6. Automate AWS AMI base build
  7. Save Automate AWS AMI base build
  8. Using build variables
  9. Save Using build variables
  10. Provision Hello World
  11. Save Provision Hello World
  12. Provision a basic site
  13. Save Provision a basic site
  14. Customization with a Config Management Tool
    1. Simplify provisioning with a config tool
    2. Save Simplify provisioning with a config tool
    3. Use ansible to install the webserver
    4. Save Use ansible to install the webserver
    5. Debugging
    6. Save Debugging
  15. Building Hardened Images
    1. Use Ansible modules to harden our image
    2. Save Use Ansible modules to harden our image
    3. Baking a Jenkins image
    4. Save Baking a Jenkins image
  16. Building a Pipeline for Packer Image
    1. Validate Packer templates
    2. Save Validate Packer templates
    3. Create a manifest profile
    4. Save Create a manifest profile
    5. Testing
    6. Save Testing
    7. CI pipeline
    8. Save CI pipeline

Junit

  1. - What is Unit Testing?
  2. - Tools for Unit Testing
  3. - What is Junit?
  4. - How to configure Junit?
  5. - Writing Basic Junit Test cases
  6. - Running Basic Junit Test cases
  7. - Junit Test Results

Selenium

  1. Introduction to Selenium
  2. Components of Selenium
    1. - Selenium IDE
    2. - Selenium Web driver
    3. - Selenium Grid
  3. Installing and Configuring Selenium
  4. Working with Selenium IDE
  5. Working With Selenium Web driver with Java Test Case Setup and Working with Selenium Grid
  6. Setup and Working with Selenium Grid

Jacoco

  1. Overview of Code coverage process
  2. Introduction of Jacoco
  3. How Jacoco works!
  4. How to install Jaoco?
  5. Setup testing Environment with Jacoco
  6. Create test data files using Jacoco and Maven
  7. Create a Report using Jacoco
  8. Demo - Complete workflow of Jacoco with Maven and Java Project

  1. Overflow of Configuration Management
  2. Introduction of Ansible
  3. Ansible Architecture
  4. Let’s get startted with Ansible
  5. Ansible Authentication & Authorization
  6. Let’s start with Ansible Adhoc commands
  7. Let’s write Ansible Inventory
  1. Let’s write Ansible Playbook
  2. Working with Popular Modules in Ansible
  3. Deep Dive into Ansible Playbooks
  4. Working with Ansible Variables
  5. Working with Ansible Template
  6. Working with Ansible Handlers
  7. Roles in Ansible
  8. Ansible Galaxy

  1. Understanding the Need of Kubernetes
  2. Understanding Kubernetes Architecture
  3. Understanding Kubernetes Concepts
  4. Kubernetes and Microservices
  5. Understanding Kubernetes Masters and its Component
    1. kube-apiserver
    2. etcd
    3. kube-scheduler
    4. kube-controller-manager
  6. Understanding Kubernetes Nodes and its Component
    1. kubelet
    2. kube-proxy
    3. Container Runtime
  7. Understanding Kubernetes Addons
    1. DNS
    2. Web UI (Dashboard)
    3. Container Resource Monitoring
    4. Cluster-level Logging
  1. Understand Kubernetes Terminology
  2. Kubernetes Pod Overview
  3. Kubernetes Replication Controller Overview
  4. Kubernetes Deployment Overview
  5. Kubernetes Service Overview
  6. Understanding Kubernetes running environment options
  7. Working with first Pods
  8. Working with first Replication Controller
  9. Working with first Deployment
  10. Working with first Services
  11. Introducing Helm
  12. Basic working with Helm

  1. Introduction
  2. What's the Scenario?
  3. Terraform Components
  1. Introduction
  2. Terraform State and Update
  3. What's the Scenario?
  4. Data Type and Security Groups
  1. Introduction
  2. What's the Scenario?
  3. Terraform Provisioners
  4. Terraform Syntax
  1. Introduction
  2. What's the Scenario?
  3. Terraform Providers
  4. Terraform Functions
  5. Intro and Variable
  6. Resource Creation
  7. Deployment and Terraform Console
  8. Updated Deployment and Terraform Commands

  1. Lets understand Continuous Integration
  2. What is Continuous Integration
  3. Benefits of Continuous Integration
  4. What is Continuous Delivery
  5. What is Continuous Deployment
  6. Continuous Integration Tools

  1. What is Jenkins
  2. History of Jenkins
  3. Jenkins Architecture
  4. Jenkins Vs Jenkins Enterprise
  5. Jenkins Installation and Configurations

  1. Jenkins Dashboard Tour
  2. Understand Freestyle Project
  3. Freestyle General Tab
  4. Freestyle Source Code Management Tab
  5. Freestyle Build Triggers Tab
  6. Freestyle Build Environment
  7. Freestyle Build
  8. Freestyle Post-build Actions
  9. Manage Jenkins
  10. My Views
  11. Credentials
  12. People
  13. Build History

  1. Creating a Simple Job
  2. Simple Java and Maven Based Application
  3. Simple Java and Gradle Based Application
  4. Simple DOTNET and MSBuild Based Application

  1. Jobs Scheduling in Jenkins
  2. Manually Building
  3. Build Trigger based on fixed schedule
  4. Build Trigger by script
  5. Build Trigger Based on pushed to git
  6. Useful Jobs Configuration
  7. Jenkins Jobs parameterised
  8. Execute concurrent builds
  9. Jobs Executors
  10. Build Other Projects
  11. Build after other projects are built
  12. Throttle Builds

  1. Jenkins Plugins
  2. Installing a Plugin
  3. Plugin Configuration
  4. Updating a Plugin
  5. Plugin Wiki
  6. Top 20 Useful Jenkins Plugins
  7. Using Jenkins Pluginss Best Practices
  1. Jenkins Node Managment
  2. Adding a Linux Node
  3. Adding a Windows Nodes
  4. Nodes Management using Jenkins
  5. Jenkins Nodes High Availability

  1. Jenkins Integration with other tools
  2. Jira
  3. Git
  4. SonarQube
  5. Maven
  6. Junit
  7. Ansible
  8. Docker
  9. AWS
  10. Jacoco
  11. Coverity
  12. Selenium
  13. Gradle

  1. Reports in Jenkins
  2. Junit Report
  3. SonarQube Reports
  4. Jacoco Reports
  5. Coverity Reports
  6. Selenium Reports
  7. Test Results
  8. Cucumber Reports

  1. Jenkins Node Managment
  2. Adding a Linux Node
  3. Adding a Windows Nodes
  4. Nodes Management using Jenkins
  5. Jenkins Nodes High Availability

  1. Notification & Feedback in Jenkins
  2. CI Build Pipeline & Dashboard
  3. Email Notification
  4. Advance Email Notification
  5. Slack Notification

  1. Jenkins Advance - Administrator
  2. Security in Jenkins
  3. Authorization in Jenkins
  4. Authentication in Jenkins
  5. Managing folder/subfolder
  6. Jenkins Upgrade
  7. Jenkins Backup
  8. Jenkins Restore
  9. Jenkins Command Line

  1. Datadog provides real-time monitoring of your infrastructure and applications, allowing you to quickly identify and resolve issues before they impact your users.
  1. With Datadog, you can create customizable dashboards that give you a real-time view of your entire infrastructure. These dashboards can be tailored to your specific needs and can include metrics and alerts for all of your systems and applications.
  1. Datadog integrates with a wide range of third-party tools and services, allowing you to monitor and manage your entire IT stack from a single platform.
  1. Datadog provides collaboration tools that enable your IT team to work together to resolve issues quickly and efficiently.
  1. Datadog can be configured to automatically alert you when certain metrics or events occur. You can set up alerts for things like server downtime, high CPU usage, or application errors.
  1. Datadog collects and analyzes a wide range of metrics from your infrastructure and applications, including server performance, network traffic, and application logs.
  1. Datadog's machine learning capabilities can help you identify anomalies and patterns in your data, allowing you to proactively address issues before they become critical.

  1. What Is Splunk?
  2. Overview
  3. Machine Data
  4. Splunk Architecture
  5. Careers in Splunk

  1. Setting up the Splunk Environment
  2. Overview
  3. Splunk Licensing
  4. Getting Splunk
  5. Installing Splunk
  6. Adding Data to Splunk

  1. Basic Searching Techniques
  2. Adding More Data
  3. Search in Splunk
  4. Demo: Splunk Search
  5. Splunk Search Commands
  6. Splunk Processing Langauge
  7. Splunk Reports
  8. Reporting in Splunk
  9. Splunk Alerts
  10. Alerts in Splunk

  1. Enterprise Splunk Architecture
  2. Overview
  3. Forwarders
  4. Enterprise Splunk Architecture
  5. Installing Forwarders
  6. Installing Forwarders
  7. Troubleshooting Forwarder Installation
  1. Splunking for DevOps and Security
  2. Splunk in DevOps
  3. DevOps Demo
  4. Splunk in Security
  5. Enterprise Use Cases

  1. Application Development in Splunkbase
  2. What Is Splunkbase?
  3. Navigating the Splunkbase
  4. Creating Apps for Splunk
  5. Benefits of Building in Splunkbase

  1. Splunking on Hadoop with Hunk
  2. What Is Hadoop?
  3. Running HDFS Commands
  4. What Is Hunk?
  5. Installing Hunk
  6. Moving Data from HDFS to Hunk

  1. Composing Advanced Searches
  2. Splunk Searching
  3. Introduction to Advanced Searching
  4. Eval and Fillnull Commands
  5. Other Splunk Command Usage
  6. Filter Those Results!
  7. The Search Job Inspector

  1. Creating Search Macros
  2. What Are Search Macros?
  3. Using Search Macros within Splunk
  4. Macro Command Options and Arguments
  5. Other Advanced Searching within Splunk

  1. Introduction and Overview of NewRelic
  2. What is Application Performance Management?
  3. Understanding a need of APM
  4. Understanding transaction traces
  5. What is Application Performance?
  6. APM Benefits
  7. APM Selection Criteria
  8. Why NewRelic is best for APM?
  9. What is NewRelic APM?
  10. How does NewRelic APM work?
  11. NewRelic Architecture
  12. NewRelic Terminology

  1. Installing and Configuring NewRelic APM Agents for Application
  2. Register a Newrelic Trial account
  3. Installing a JAVA Agent to Monitor your Java Application
  4. Installing a PHP Agent to Monitor your PHP Application
  5. Installing New Relic Agent for .NET Framework Application
  6. Installing a Docker based Agent to Monitor your Docker based Application
  7. Understanding of NewRelic Configration settings of newrelic.yml
  8. Understanding of NewRelic Agent Configration settings

  1. Working with NewRelic Dashboard
  2. Understanding a transactions
  3. Understanding Apdex and Calculating and Setting Apdex Threshold
  4. Understanding Circuit break
  5. Understanding Throughput
  6. Newrelic default graphs
  7. Understanding and Configuring Service Maps
  8. Understanding and Configuring JVM
  9. Understanding Error Analytics
  10. Understanding Violations
  11. Understanding and Configuring Deployments
  12. Understanding and Configuring Thread Profiler
  13. Depp Dive into Transaction Traces
  14. Profiling with New Relic
  1. Creating and managing Alerts
  2. Working with Incidents
  3. Sending NewRelic Alerts to Slack
  4. Assessing the quality of application deployments
  5. Monitoring using Newrelic
  6. View your applications index
  7. APM Overview page
  8. New Relic APM data in Infrastructure
  9. Transactions page
  10. Databases and slow queries
  11. Viewing slow query details
  12. External services page
  13. Agent-specific UI
  14. Viewing the transaction map

  1. Deep Dive into Newrelic Advance
  2. Newrelic transaction alerts
  3. Configure abnd Troubleshoot and Cross Application Traces
  4. NewRelic Service Level Agreements
  5. Troubleshooting NewRelic
  6. Understanding and Configuring NewRelic X-Ray Sessions
  7. Deep Dive into NewRelic Agent Configuration
  8. Adding Custom Data with the APM Agent
  9. Extending Newrelic using Plugins
  10. Finding and Fixing Application Performance Issues with New Relic APM
  11. Setting up database montioring using Newrelic APM
  12. Setting up and Configuring Newrelic Alerts

  1. Working with NewRelic Performance Reports
  2. Availability report
  3. Background jobs analysis report
  4. Capacity analysis report
  5. Database analysis report
  6. Host usage report
  7. Scalability analysis report
  8. Web transactions analysis report
  9. Weekly performance report

Apache HTTP

  1. Introduction to web server
  2. Install Apache on CentOS 7.4
  3. Enable Apache to automatically start when system boot
  4. Configure the firewall service
  5. Where is Apache?
  6. Directory structure
    1. Apache directory structure
    2. Configuration file
    3. Create your first page
  7. Virtual hosts
    1. Setting up the virtual host - name based
    2. Setting up the virtual host - port based
  8. Using aliases and redirecting
  9. Configuring an alias for a url
  10. Redirects
  11. Logging
    1. The error log
    2. The access log
    3. Custom log
    4. Log rotation
  12. Security
    1. Basic Security - Part 1
    2. Basic Security - Part 2
    3. Set up TLS/SSl for free
    4. Basic authentication
    5. Digest authentication
    6. Access Control
    7. .htaccess (Administrator Side)
    8. .htaccess (User Side)
    9. Install and Configure antivirus
    10. Mitigate dos attacks - mod_evasive
  13. Apache Performance and Troubleshooting
    1. Apache Multi-Processing Modules (MPMs)
    2. Adjusting httpd.conf - Part 1
    3. Adjusting httpd.conf - Part 2
    4. Troubleshoot Apache (Analyz Access Log) - Part 1
    5. Troubleshoot Apache (Analyze Access Log) - Part 2
    6. Use Apachetop to monitor web server traffic

Nginx

  1. Overview
    1. Introduction
    2. About NGINX
    3. NGINX vs Apache
    4. Test your knowledge
  2. Installation
    1. Server Overview
    2. Installing with a Package Manager
    3. Building Nginx from Source & Adding Modules
    4. Adding an NGINX Service
    5. Nginx for Windows
    6. Test your knowledge
  3. Configuration
    1. Understanding Configuration Terms
    2. Creating a Virtual Host
    3. Location blocks
    4. Variables
    5. Rewrites & Redirects
    6. Try Files & Named Locations
    7. Logging
    8. Inheritance & Directive types
    9. PHP Processing
    10. Worker Processes
    11. Buffers & Timeouts
    12. Adding Dynamic Modules
    13. Test your knowledge
  4. Performance
    1. Headers & Expires
    2. Compressed Responses with gzip
    3. FastCGI Cache
    4. HTTP2
    5. Server Push
  5. Security
    1. HTTPS (SSL)
    2. Rate Limiting
    3. Basic Auth
    4. Hardening Nginx
    5. Test your knowledge
    6. Let's Encrypt - SSL Certificates

  1. Multi-cluster management
    1. Rancher provides a unified interface for managing multiple Kubernetes clusters across different environments, including on-premises, cloud, and hybrid.
  2. Centralized administration
    1. With Rancher, you can manage user access, security policies, and cluster settings from a central location, making it easier to maintain a consistent and secure deployment across all clusters.
  3. Automated deployment
    1. Rancher streamlines the application deployment process by providing built-in automation tools that allow you to deploy applications to multiple clusters with just a few clicks.
  4. Monitoring and logging
    1. Rancher provides a built-in monitoring and logging system that enables you to monitor the health and performance of your applications and clusters in real-time.
  1. Application catalog
    1. Rancher offers a curated catalog of pre-configured application templates that enable you to deploy and manage popular applications such as databases, web servers, and messaging queues.
  2. Scalability and resilience
    1. Rancher is designed to be highly scalable and resilient, enabling you to easily add new clusters or nodes to your deployment as your needs grow.
  3. Extensibility
    1. Rancher provides an open API and a rich ecosystem of plugins and extensions, enabling you to customize and extend the platform to meet your specific needs.

Envoy

    Data Plane
  1. Envoy is a high-performance proxy that is deployed as a sidecar to each microservice in the infrastructure.
  2. Envoy manages all inbound and outbound traffic for the microservice and provides features like load balancing, circuit breaking, and health checks.
  3. Envoy can also be used as a standalone proxy outside of a service mesh architecture.

    4. Control Plane:
  4. Envoy does not have a built-in control plane.
  5. It can be integrated with other service mesh management solutions like Istio, Consul, or Linkerd, which provide a central point of management for the Envoy proxies.
  6. These control planes enable features like traffic management, security, and observability.

Istio:

    Data Plane:
  1. Istio uses Envoy as its data plane, which means that each microservice has an Envoy sidecar proxy that manages the inbound and outbound traffic for that service.
  2. Envoy is configured and managed by Istio's control plane components.

    3. Control Plane:
  3. Istio provides a built-in control plane that includes the following components:
  4. Pilot: responsible for managing the configuration of the Envoy proxies and enabling features like traffic routing and load balancing.
  5. Mixer: provides policy enforcement, telemetry collection, and access control for the microservices in the service mesh.
  6. Citadel: responsible for managing the security of the service mesh, including mutual TLS encryption and identity-based access control.

Network Configurations:

  1. Consul provides a central service registry that keeps track of all the services in the infrastructure.
  2. Each microservice in the infrastructure registers itself with Consul, providing information like its IP address, port, and health status.
  3. Consul also supports multiple datacenters, allowing for the deployment of services across different regions or availability zones.
  4. Consul provides a DNS interface that can be used to discover services in the infrastructure. Applications can use this interface to resolve service names to IP addresses and connect to the appropriate service.

Service Discovery:

  1. Consul provides a service discovery mechanism that enables microservices to discover and communicate with each other.
  2. Consul supports different service discovery methods, including DNS, HTTP, and gRPC.
  3. Consul can perform health checks on the services in the infrastructure to ensure that they are functioning properly. If a service fails a health check, it is removed from the service registry until it is healthy again.
  4. Consul also supports service segmentation, allowing services to be grouped into logical subsets based on tags or other attributes. This enables more fine-grained control over service discovery and traffic routing.

Secret Storage:
  1. Vault provides a secure storage mechanism for sensitive data, including credentials, API keys, and other secrets.
  2. Vault uses encryption and access control policies to ensure that secrets are protected both at rest and in transit.
  3. Vault supports different storage backends, including disk, cloud storage, and key management systems.
Authentication:
  1. Vault provides several authentication methods that can be used to validate user or machine identity.
  2. These methods include LDAP, Active Directory, Kubernetes, and token-based authentication.
  3. Vault also supports multi-factor authentication (MFA) to provide an additional layer of security.
Access Control:
  1. Vault provides fine-grained access control policies that can be used to restrict access to specific secrets or resources.
  2. These policies can be based on user or machine identity, time of day, and other factors.
  3. Vault supports role-based access control (RBAC) and attribute-based access control (ABAC) policies.
Encryption:
  1. Vault provides end-to-end encryption for all secrets stored in its storage backend.
  2. Vault uses encryption keys that are stored separately from the secrets themselves, providing an additional layer of security.
  3. Vault supports different encryption algorithms and key management systems.
Auditing and Logging:
  1. Vault provides detailed auditing and logging capabilities that can be used to track access to secrets and detect potential security threats.
  2. Vault logs all user and system activity, including authentication events, secret access, and configuration changes.
  3. Vault also supports integration with popular logging and monitoring tools.

Prometheus
  1. Introduction
  2. Introduction to Prometheus
  3. Prometheus installation
  4. Grafana with Prometheus Installation

  5. Monitoring
  6. Introduction to Monitoring
  7. Client Libraries
  8. Pushing Metrics
  9. Querying
  10. Service Discovery
  11. Exporters

  12. Alerting
  13. Introduction to Alerting
  14. Setting up Alerts
  16. Internals
  17. Prometheus Storage
  18. Prometheus Security
  19. TLS & Authentication on Prometheus Server
  20. Mutual TLS for Prometheus Targets

  21. Use Cases
  22. Monitoring a web application
  23. Calculating Apdex score
  24. Cloudwatch Exporter
  25. Grafana Provisioning
  26. Consul Integration with Prometheus
  27. EC2 Auto Discovery
Grafana
  1. Installation
  2. Installing on Ubuntu / Debian
  3. Installing on Centos / Redhat
  4. Installing on Windows
  5. Installing on Mac
  6. Installing using Docker
  7. Building from source
  8. Upgrading

  9. Administration
  10. Configuration
  11. Authentication
  12. Permissions
  13. Grafana CLI
  14. Internal metrics
  15. Provisioning
  16. Troubleshooting

  1. Introduction to Elasticsearch
  2. Overview of the Elastic Stack (ELK+)
  3. Elastic Stack

  4. Architecture of Elasticsearch
  5. Nodes & Clusters
  6. Indices & Documents
  7. A word on types
  8. Another word on types
  9. Sharding
  10. Replication
  11. Keeping replicas synchronized
  12. Searching for data
  13. Distributing documents across shards

  14. Installing Elasticsearch & Kibana
  15. Running Elasticsearch & Kibana in Elastic Cloud
  16. Installing Elasticsearch on Mac/Linux
  17. Using the MSI installer on Windows
  18. Installing Elasticsearch on Windows
  19. Configuring Elasticsearch
  20. Installing Kibana on Mac/Linux
  21. Installing Kibana on Windows
  22. Configuring Kibana
  23. Kibana now requires data to be available
  24. Introduction to Kibana and dev tools

  25. Managing Documents
  26. Creating an index
  27. Adding documents
  28. Retrieving documents by ID
  29. Replacing documents
  30. Updating documents
  31. Scripted updates
  32. Upserts
  33. Deleting documents
  34. Deleting indices
  35. Batch processing
  36. Importing test data with cURL
  37. Exploring the cluster

  38. Mapping
  39. Introduction to mapping
  40. Dynamic mapping
  41. Meta fields
  42. Field data types
  43. Adding mappings to existing indices
  44. Changing existing mappings
  45. Mapping parameters
  46. Adding multi-fields mappings
  47. Defining custom date formats
  48. Picking up new fields without dynamic mapping
  1. Analysis & Analyzers
  2. Introduction to the analysis process
  3. A closer look at analyzers
  4. Using the Analyze API
  5. Understanding the inverted index
  6. Analyzers
  7. Overview of character filters
  8. Overview of tokenizers
  9. Overview of token filters
  10. Overview of built-in analyzers
  11. Configuring built-in analyzers and token filters
  12. Creating custom analyzers
  13. Using analyzers in mappings
  14. Adding analyzers to existing indices
  15. A word on stop words

  16. Introduction to Searching
  17. Search methods
  18. Searching with the request URI
  19. Introducing the Query DSL
  20. Understanding query results
  21. Understanding relevance scores
  22. Debugging unexpected search results
  23. Query contexts
  24. Full text queries vs term level queries
  25. Basics of searching

  26. Term Level Queries
  27. Introduction to term level queries
  28. Searching for a term
  29. Searching for multiple terms
  30. Retrieving documents based on IDs
  31. Matching documents with range values
  32. Working with relative dates (date math)
  33. Matching documents with non-null values
  34. Matching based on prefixes
  35. Searching with wildcards
  36. Searching with regular expressions
  37. Term Level Queries

  38. Full Text Queries
  39. Introduction to full text queries
  40. Flexible matching with the match query
  41. Matching phrases
  42. Searching multiple fields
  43. Full Text Queries
  45. Adding Boolean Logic to Queries
  46. Introduction to compound queries
  47. Querying with boolean logic
  48. Debugging bool queries with named queries
  49. How the “match” query works

Alert Management:
  1. Both PagerDuty and Opsgenie provide powerful alert management capabilities, allowing teams to configure alerts based on specific criteria, such as event severity, priority, and more.
  2. Alerts can be sent to multiple channels, including email, SMS, voice, and mobile push notifications.
  3. Both tools also provide support for escalation policies, allowing teams to ensure that critical alerts are addressed promptly.
Incident Management:
  1. Both PagerDuty and Opsgenie provide incident management capabilities, allowing teams to track incidents and collaborate on resolving them.
  2. Incident management features include creating incidents, adding notes, assigning owners, and tracking status changes.
  3. Both tools also provide support for incident timelines, allowing teams to visualize the progress of an incident over time.
Integration:
  1. Both PagerDuty and Opsgenie provide extensive integration capabilities, allowing teams to integrate with a wide range of tools and technologies.
  2. Integrations include popular monitoring tools, such as Nagios, New Relic, and AWS CloudWatch, as well as IT service management (ITSM) tools like JIRA and ServiceNow.
  3. Both tools also provide REST APIs for custom integrations.
    Analytics and Reporting:
  1. Both PagerDuty and Opsgenie provide analytics and reporting capabilities, allowing teams to track performance metrics and identify areas for improvement.
  2. Analytics and reporting features include incident duration, resolution times, and other key performance indicators (KPIs).
  3. Both tools also provide support for custom dashboards and reports.
Automation:
  1. Both PagerDuty and Opsgenie provide automation capabilities, allowing teams to automate repetitive tasks and streamline incident response processes.
  2. Automation features include auto-acknowledgment of alerts, auto-escalation of incidents, and auto-remediation of issues.
  3. Both tools also provide support for scripting and custom automation workflows.

Job Scheduling:
  1. RunDeck provides powerful job scheduling capabilities, allowing teams to schedule jobs based on specific criteria, such as time, date, and recurrence.
  2. Jobs can be executed on multiple platforms, including Windows, Linux, and macOS.
  3. RunDeck also provides support for job dependencies, allowing teams to ensure that jobs are executed in the correct order.
Run Book Automation:
  1. RunDeck provides run book automation capabilities, allowing teams to automate repetitive tasks and streamline operations.
  2. Run book automation features include executing commands, scripts, and workflows on multiple systems, as well as orchestrating complex processes across multiple systems.
  3. RunDeck also provides support for auditing and logging, allowing teams to track changes and monitor system activity.
Integration:
  1. RunDeck provides extensive integration capabilities, allowing teams to integrate with a wide range of tools and technologies.
  2. Integrations include popular configuration management tools, such as Ansible and Puppet, as well as monitoring tools like Nagios and Zabbix.
  3. RunDeck also provides REST APIs for custom integrations.
Access Control
  1. RunDeck provides access control capabilities, allowing teams to control who can access and execute jobs and workflows.
  2. Access control features include role-based access control (RBAC), LDAP integration, and multi-factor authentication (MFA).
  3. RunDeck also provides support for audit logging, allowing teams to track user activity and changes to system configurations.
Notifications and Reporting:
  1. RunDeck provides notifications and reporting capabilities, allowing teams to track performance metrics and identify areas for improvement.
  2. Notifications and reporting features include job execution status, error notifications, and custom reports.
  3. RunDeck also provides support for custom dashboards and reports.

Application Performance Monitoring:
  1. AppDynamics provides powerful application performance monitoring capabilities, allowing teams to monitor the performance of their applications in real-time.
  2. APM features include application topology maps, transaction tracing, code-level diagnostics, and performance baselines.
  3. AppDynamics also provides support for identifying and troubleshooting performance issues, such as slow database queries, inefficient code, and memory leaks.
End-User Monitoring:
  1. AppDynamics provides end-user monitoring capabilities, allowing teams to track the performance of their applications from the end-user perspective.
  2. End-user monitoring features include real-user monitoring, synthetic monitoring, and business transaction monitoring.
  3. AppDynamics also provides support for identifying and troubleshooting end-user issues, such as slow page load times and errors.
Infrastructure Monitoring:
  1. AppDynamics provides infrastructure monitoring capabilities, allowing teams to monitor the health and performance of their infrastructure.
  2. Infrastructure monitoring features include server monitoring, container monitoring, and cloud monitoring.
  3. AppDynamics also provides support for identifying and troubleshooting infrastructure issues, such as high CPU usage, low memory, and network latency.
Integration:
  1. AppDynamics provides extensive integration capabilities, allowing teams to integrate with a wide range of tools and technologies.
  2. Integrations include popular monitoring tools, such as Splunk and Elasticsearch, as well as IT service management (ITSM) tools like ServiceNow and Remedy.
  3. AppDynamics also provides REST APIs for custom integrations.
Analytics and Reporting:
  1. AppDynamics provides analytics and reporting capabilities, allowing teams to track performance metrics and identify areas for improvement.
  2. Analytics and reporting features include transaction analysis, error analysis, and custom dashboards.
  3. AppDynamics also provides support for machine learning and predictive analytics, allowing teams to proactively identify and address performance issues.

Session 1: Introduction to ArgoCD
  1. Overview of ArgoCD and its features
  2. Understanding the role of ArgoCD in GitOps workflows
  3. Key concepts and components of ArgoCD
Session 2: Installing and Configuring ArgoCD
  1. Preparing the environment for ArgoCD installation
  2. Step-by-step installation guide for ArgoCD
  3. Configuring ArgoCD server and connecting it to the Git repository
Session 3: ArgoCD Architecture and Components
  1. Understanding the architecture of ArgoCD
  2. Exploring the various components of ArgoCD, such as the API server, controller, and repository server
Session 4: Deploying Applications with ArgoCD
  1. Creating applications in ArgoCD
  2. Configuring application specifications using GitOps manifests
  3. Deploying applications and managing their lifecycle with ArgoCD
Session 5: Continuous Delivery with ArgoCD
  1. Implementing continuous delivery pipelines using ArgoCD
  2. Automating application updates and rollbacks with ArgoCD
  3. Monitoring and managing application deployments with ArgoCD
Session 6: Advanced ArgoCD Features
  1. Exploring advanced features of ArgoCD, such as RBAC and secrets management
  2. Integrating ArgoCD with other tools and services, like Kubernetes, Helm, and Prometheus
Session 7: Troubleshooting and Best Practices
  1. Common issues and troubleshooting techniques in ArgoCD
  2. Best practices for managing and maintaining ArgoCD deployments
  3. Tips for optimizing performance and scalability in ArgoCD

STRIDE:
  1. STRIDE is a threat modeling methodology developed by Microsoft that identifies six types of threats: Spoofing, Tampering, Repudiation, Information Disclosure, Denial of Service, and Elevation of Privilege.
  2. The STRIDE approach involves analyzing each component of a system to identify potential threats and vulnerabilities, and then determining appropriate countermeasures to mitigate these risks.
PASTA:
  1. PASTA is a Process for Attack Simulation and Threat Analysis that is based on the concept of "attacker thinking".
  2. The PASTA approach involves identifying potential attackers and their motivations, analyzing potential attack paths, and identifying countermeasures to mitigate these risks.
  3. PASTA is a comprehensive methodology that considers both technical and non-technical factors in the threat modeling process.
VAST:
  1. VAST is a Visual, Agile, and Simple Threat modeling methodology that is designed to be accessible to both technical and non-technical stakeholders.
  2. The VAST approach involves creating visual models of the system and its components, and then identifying potential threats and vulnerabilities through a series of brainstorming sessions.
  3. VAST is designed to be flexible and adaptable, and can be used in a variety of development methodologies.
Microsoft Threat Modeling Tool:
  1. The Microsoft Threat Modeling Tool is a free tool that helps organizations identify potential threats and vulnerabilities in their software systems.
  2. The tool uses the STRIDE methodology and allows users to create data flow diagrams of their systems, which can then be analyzed for potential threats and vulnerabilities.
  3. The Microsoft Threat Modeling Tool provides a comprehensive set of reports and analysis tools, allowing users to prioritize and address potential risks.
OWASP Threat Dragon:
  1. OWASP Threat Dragon is an open-source tool that helps organizations identify potential threats and vulnerabilities in their software systems.
  2. The tool uses a data flow diagram approach to threat modeling, allowing users to create visual models of their systems and identify potential attack paths.
  3. OWASP Threat Dragon provides a comprehensive set of reports and analysis tools, and is designed to integrate with other development tools and methodologies.

OWASP ZAP (Zed Attack Proxy):
  1. OWASP ZAP is a free, open-source DAST tool that can be used to identify vulnerabilities in web applications.
  2. ZAP can be used to perform a variety of tests, including active scanning, passive scanning, and fuzz testing.
  3. The tool provides a user-friendly interface and can be integrated with other testing tools and frameworks.
Skipfish:
  1. Skipfish is a free, open-source DAST tool that can be used to identify vulnerabilities in web applications.
  2. Skipfish is designed to be fast and efficient, making it a good choice for testing large, complex web applications.
  3. The tool can be run in parallel, allowing it to perform tests on multiple web applications simultaneously.
Nmap:
  1. Nmap is a free, open-source network scanning tool that can be used to identify open ports and services on a network.
  2. Nmap can also be used to identify potential vulnerabilities in web applications and other network services.
  3. The tool provides a variety of scanning options, including stealth scanning and operating system fingerprinting.
OpenVAS:
  1. OpenVAS is a free, open-source vulnerability scanner that can be used to identify vulnerabilities in web applications and other network services.
  2. The tool provides a comprehensive set of tests, including active scanning, passive scanning, and vulnerability analysis.
  3. OpenVAS also provides a variety of reporting options, including detailed reports and risk assessments.
Fortify WebInspect:
  1. Fortify WebInspect is a commercial DAST tool that can be used to identify vulnerabilities in web applications.
  2. The tool provides a comprehensive set of tests, including active scanning, passive scanning, and fuzz testing.
  3. Fortify WebInspect also provides a variety of reporting options, including detailed reports and risk assessments.

Network Configurations:
    1. Consul provides a central service registry that keeps track of all the services in the infrastructure.
    2. Each microservice in the infrastructure registers itself with Consul, providing information like its IP address, port, and health status.
    3. Consul also supports multiple datacenters, allowing for the deployment of services across different regions or availability zones.
    4. Consul provides a DNS interface that can be used to discover services in the infrastructure. Applications can use this interface to resolve service names to IP addresses and connect to the appropriate service.
Service Discovery:
  1. Consul provides a service discovery mechanism that enables microservices to discover and communicate with each other.
  2. Consul supports different service discovery methods, including DNS, HTTP, and gRPC.
  3. Consul can perform health checks on the services in the infrastructure to ensure that they are functioning properly. If a service fails a health check, it is removed from the service registry until it is healthy again.
  4. Consul also supports service segmentation, allowing services to be grouped into logical subsets based on tags or other attributes. This enables more fine-grained control over service discovery and traffic routing.

  1. Introduction to Software Composition Analysis (SCA) and its importance in modern software development.
  2. Overview of OWASP Dependency Check as a popular SCA tool in the market.
  3. Understanding the SCA process: scanning, analysis, and remediation.
  4. Deep-dive into OWASP Dependency Check, including installation, configuration, and usage.
  5. Demo of OWASP Dependency Check, including a walk-through of its user interface and workflow.
  6. Understanding OWASP Dependency Check reports and how to interpret them.
  7. Best practices for using OWASP Dependency Check in SCA, including how to interpret and act on its findings.
  8. Integration of OWASP Dependency Check with CI/CD pipelines and other development tools.
  9. Common issues and limitations of SCA tools like OWASP Dependency Check and how to mitigate them.
  10. Real-world examples of how OWASP Dependency Check has helped organizations improve their software security.
  11. Future developments in OWASP Dependency Check and SCA in general.
  12. Q&A session to answer any remaining questions or concerns about OWASP Dependency Check, SCA, or software security in general.
  1. Introduction to Software Composition Analysis (SCA) and its importance in modern software development.
  2. Overview of JFrog Xray as a popular SCA tool in the market.
  3. Understanding the SCA process: scanning, analysis, and remediation.
  4. Deep-dive into JFrog Xray, including installation, configuration, and usage.
  5. Demo of JFrog Xray, including a walk-through of its user interface and workflow.
  6. Understanding JFrog Xray reports and how to interpret them.
  7. Best practices for using JFrog Xray in SCA, including how to interpret and act on its findings.
  8. Integration of JFrog Xray with CI/CD pipelines and other development tools.
  9. Common issues and limitations of SCA tools like JFrog Xray and how to mitigate them.
  10. Real-world examples of how JFrog Xray has helped organizations improve their software security.
  11. Future developments in JFrog Xray and SCA in general.
  12. Comparison between JFrog Xray and other SCA tools in terms of features, capabilities, and pricing.

Falco
  1. Securuing Containers (RASP)- Twistkock
  2. Falco Components
  3. Userspace program
  4. Falco Configuration
  5. Privilege escalation using privileged containers
  6. Namespace changes using tools like setns
  7. Read/Writes to well-known directories such as /etc, /usr/bin, /usr/sbin
  8. Creating symlinks
  9. Ownership and Mode changes
  10. Unexpected network connections or socket mutations
  11. Securuing Containers (RASP)- Falco
  12. Spawned processes using execve
  13. Falco drivers
  14. Falco userspace program
  15. Executing shell binaries such as sh, bash, csh, zsh, etc
  16. Executing SSH binaries such as ssh, scp, sftp, etc
  17. Mutating Linux coreutils executables
  18. Mutating login binaries
  19. Mutating shadowutil or passwd executables
Notary
  1. What is CNCF Notary
  2. Why CNCF Notary?
  3. What is The Update Framework (TUF)?
  4. Understand the Notary service architecture
  5. Brief overview of TUF keys and roles
  6. Architecture and components
  7. Example client-server-signer interaction
  8. Threat model
  9. Notary server compromise
  10. Notary signer compromise
  11. Notary client keys and credentials compromise
  12. Run a Notary service
  13. Notary configuration files

  1. Introduction to Web Application Firewall (WAF) and its importance in securing web applications.
  2. Overview of AWS WAF, Azure Web Application Firewall, and Cloudflare Web Application Firewall as popular WAF solutions in the market.
  3. Understanding the architecture and key features of each WAF solution.
  4. Deep-dive into each WAF solution, including installation, configuration, and usage.
  5. Demo of each WAF solution, including a walk-through of its user interface and workflow.
  6. Understanding WAF rules and how to create and customize them for specific use cases in each WAF solution.
  7. Best practices for using each WAF solution to protect web applications, including how to interpret and act on its findings.
  8. Integration of each WAF solution with other cloud services and development tools.
  1. Common issues and limitations of WAF solutions like AWS WAF, Azure Web Application Firewall, and Cloudflare Web Application Firewall and how to mitigate them.
  2. Real-world examples of how each WAF solution has helped organizations improve their web application security.
  3. Comparison between AWS WAF, Azure Web Application Firewall, and Cloudflare Web Application Firewall in terms of features, capabilities, and pricing.
  4. Future developments in WAF solutions and WAF in general.
  5. Q&A session to answer any remaining questions or concerns about AWS WAF, Azure Web Application Firewall, Cloudflare Web Application Firewall, WAF, or web application security in general.

  1. Introduction to securing credentials and why it is important in today's security landscape.
  2. Overview of HashiCorp Vault, AWS Secrets Manager, Azure Key Vault, AWS KMS, and Kubernetes Secrets as popular solutions for securing credentials.
  3. Understanding the architecture and key features of each solution.
  4. Deep-dive into each solution, including installation, configuration, and usage.
  5. Demo of each solution, including a walk-through of its user interface and workflow.
  6. Understanding the types of credentials that can be secured using each solution.
  7. Best practices for using each solution to secure credentials, including how to interpret and act on its findings.
  8. Integration of each solution with other cloud services and development tools.
  1. Common issues and limitations of each solution and how to mitigate them.
  2. Real-world examples of how each solution has helped organizations improve their credential security.
  3. Comparison between HashiCorp Vault, AWS Secrets Manager, Azure Key Vault, AWS KMS, and Kubernetes Secrets in terms of features, capabilities, and pricing.
  4. Future developments in securing credentials and the solutions that support them.
  5. Q&A session to answer any remaining questions or concerns about securing credentials using HashiCorp Vault, AWS Secrets Manager, Azure Key Vault, AWS KMS, Kubernetes Secrets, or credential security in general.

  1. Introduction to policy-based control and its importance in cloud native environments.
  2. Overview of Open Policy Agent (OPA) as a popular open-source policy engine for cloud native environments.
  3. Understanding the architecture and key features of OPA, including the Rego policy language.
  4. Deep-dive into OPA, including installation, configuration, and usage.
  5. Demo of OPA, including a walk-through of its user interface and workflow.
  6. Understanding how policies can be defined in OPA using the Rego policy language, and how they can be enforced in cloud native environments.
  7. Best practices for defining policies in OPA to ensure proper control and compliance.
  8. Integrating OPA with cloud native technologies, such as Kubernetes, Istio, and Envoy, to enforce policies.
  1. Leveraging OPA to ensure compliance with industry standards and regulations, such as CIS benchmarks and GDPR.
  2. Monitoring and auditing policy compliance using OPA.
  3. Common issues and limitations of OPA and how to mitigate them.
  4. Real-world examples of how OPA has helped organizations improve their policy-based control in cloud native environments.
  5. Future developments in policy-based control and OPA, including the potential for machine learning and AI-based policy enforcement.
  6. Comparison between OPA and other policy engines in terms of features, capabilities, and pricing.
  7. Q&A session to answer any remaining questions or concerns about policy-based control for cloud native environments using Open Policy Agent.

  1. Introduction to cloud security and the shared responsibility model for cloud security.
  2. Overview of AWS security services, such as AWS Identity and Access Management (IAM), AWS Key Management Service (KMS), and AWS Security Hub.
  3. Best practices for securing AWS resources, including configuring network security, managing access control, and securing data.
  4. Understanding AWS compliance and regulatory requirements, such as HIPAA and PCI DSS.
  5. Overview of Azure security services, such as Azure Active Directory (AD), Azure Security Center, and Azure Key Vault.
  6. Best practices for securing Azure resources, including configuring network security, managing access control, and securing data.
  7. Understanding Azure compliance and regulatory requirements, such as GDPR and ISO 27001.
  1. Comparing and contrasting AWS and Azure security services and practices.
  2. Cloud security automation with tools like AWS CloudFormation and Azure Resource Manager.
  3. Container security best practices with AWS Elastic Container Service (ECS) and Azure Kubernetes Service (AKS).
  4. DevSecOps practices and tooling for cloud security.
  5. Real-world examples of how organizations have successfully implemented cloud security practices with AWS and Azure.
  6. Future trends and developments in cloud security.
  7. Q&A session to answer any remaining questions or concerns about cloud security with AWS and Azure.

  1. Introduction to SIEM and its role in security operations.
  2. Overview of Splunk SIEM, its architecture, and its components.
  3. Data ingestion and management in Splunk SIEM, including configuring data sources and handling data volume and retention.
  4. Creating and managing dashboards, reports, and alerts in Splunk SIEM.
  5. Splunk SIEM search language and syntax, including basic and advanced search commands.
  6. Using Splunk Enterprise Security (ES) to manage and analyze security events and incidents.
  1. Integrating third-party security tools and platforms with Splunk SIEM.
  2. Best practices for deploying and scaling Splunk SIEM in enterprise environments.
  3. Splunk SIEM use cases and real-world examples of how organizations have successfully implemented it for security operations.
  4. Future trends and developments in SIEM and Splunk SIEM.
  5. Q&A session to answer any remaining questions or concerns about Splunk SIEM and SIEM in general.