- Видео 40
- Просмотров 76 986
Hackitect's playground
Чехия
Добавлен 21 апр 2020
I am a hands-on Architect (Hackitect), engineer consultant, and speaker. This channel brings you my videos about CyberSec Architecture, Pentesting, DevSecOps, and Cloud related fun.
BSides Prague 2024 Rewind: How AWS AI Services Transform DevSecOps
Welcome to my BSides Prague recap! In this video, I dive into the latest advancements in AWS AI services that are transforming DevSecOps. I'll look at how AWS CodeGuru, Amazon Q, and AWS GuardDuty can boost your development and security operations, making them more efficient and secure.
You'll discover how AWS CodeGuru offers intelligent recommendations to enhance your code quality and performance, saving you time and reducing bugs. I'll also explore Amazon Q, an AI-powered question-answering service that helps you easily extract valuable insights from your data. Lastly, I'll cover AWS GuardDuty, a robust threat detection service that continuously monitors your AWS environment for maliciou...
You'll discover how AWS CodeGuru offers intelligent recommendations to enhance your code quality and performance, saving you time and reducing bugs. I'll also explore Amazon Q, an AI-powered question-answering service that helps you easily extract valuable insights from your data. Lastly, I'll cover AWS GuardDuty, a robust threat detection service that continuously monitors your AWS environment for maliciou...
Просмотров: 74
Видео
How to: Secrets scanning
Просмотров 145Месяц назад
Is secrets scanning pain for you? Do you want to learn more? Lets have fun with Comics! Learn about secret scanning and techniques you can use. Let's dive deep into GitLeaks, truffleHog, and other tools. Do you know that you can orchestrate secret scanning with AWS Lambda, AWS Code Build, or Secure Codebox? IMPORTANT LINKS: GitLeaks: github.com/gitleaks/gitleaks Trufflehog: github.com/trufflese...
Build your own security scanner or Sci-fi RPG with AWS PartyRock
Просмотров 4525 месяцев назад
Learn about AWS Bedrock playground and how to play with LLM models and build your own game or useful tooling for Kubernetes review. Link: partyrock.aws/ Author: Marek Šottl Web: www.sottlmarek.com Twitter: sottlmarek Connect with me: www.linkedin.com/in/mareksottl/ Subscribe: ruclips.net/channel/UCy0S_HftNM7Fy0ksEOUHc-Q
Cloud security and DevSecOps certifications guide
Просмотров 1,4 тыс.8 месяцев назад
In this roadmap and guide, I will show you which certifications and trainings are today (2023) available. If you want to be a Cloud security engineer, DevSecOps, or just want to boost your current knowledge with cutting-edge topics in security, here is the overview exactly for you. This guide covers CCSK, Azure DevOps, AWS DevOps, AWS Security, Comptia Cloud security stack, Certified DevSecOps ...
Cloudonauts: Nyx - Pursuit of the Unknown IAC Drift story
Просмотров 18111 месяцев назад
Welcome to the captivating tale of Nyx, a Cloudonaut and the final bastion of defense within the future Technocratic society. Embark on a journey with her as she unravels the intricacies of detecting drift in Terraform and CloudFormation. Nyx's pursuit of an enigmatic Drifter unveils the hidden truths surrounding contemporary cloud systems. Join us as we delve into a narrative that explores the...
Learn Serverless TOP 10 security issues in 40 minutes
Просмотров 231Год назад
I am proud and honored to share my research and OWASP-based Serverless TOP 10 with you. This exclusive video focuses on the most common security issues and protection patterns for Serverless in AWS (2023). The content showcases issues and solutions like: - Denial of wallet - Event injection in Lambda or other functions. - Misconfiguration and Drift detection - Weak access controls - Cloud misco...
Say Goodbye to Bastion Hosts
Просмотров 680Год назад
Learn how to set up BastionHostless access using AWS Systems Manager, a more secure and streamlined way to access your Amazon Web Services (AWS) resources. Systems Manager Session manager allows you to manage your AWS resources from any location without using the Bastion host. This video covers the benefits of BastionHostless access, how to set up a Systems Manager, and tips for secure and effi...
4 AWS DevSecOps services that you should know
Просмотров 981Год назад
Alert! This video is only for those serious about learning and wanting to grow as DevSecOps engineers. Just kidding, this one is for everyone who wants to understand AWS CodeGuru, Policy Simulator, AWS Pricing Calculator, and AWS Cloud9. Links for the docs: docs.aws.amazon.com/codeguru/?icmpid=docs_homepage_ml docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_testing-policies.html docs.a...
Snyk free DevSecOps tools and resources
Просмотров 1,4 тыс.Год назад
Let's talk about Snyk, a powerful platform for developers looking to improve the security of their applications. Snyk offers a comprehensive suite of free DevSecOps tools, including the Snyk Advisor and Code Checker, to help you quickly identify and address vulnerabilities in your code. With Snyk, you can keep your applications secure independently of what programming language you use. Whether ...
4 AWS services that you probably don't know about
Просмотров 167Год назад
4 AWS services that you probably dont know about, and make your developer life easier. From simplifying AWS resource management to improving security, these hidden gem services will boost your cloud computing skills and enhance your workflow. Expect other parts introduced soon. I am sure, that you will enjoy learning whether you are a seasoned AWS user or new to the platform. I selected the les...
Cloud Quest: Learning AWS in fun way - How to start with cloud
Просмотров 398Год назад
CloudQuest is excellent gaming and learning experience from Amazon Web Services. It helps you to learn the cloud in the simulation game gather pets and buildings, and customize your own city. The player learns through the videos and labs. The player also shoots the drones and completes mini-quizzes. this learning experience is for those searching for new ways of learning cloud. If you are looki...
What is DevSecOps?
Просмотров 1,5 тыс.Год назад
Did you ever wonder what is the magical DevSecOps? It connects developers, security, and operations in one cooperative team. DevSecOps like DevOps is a methodology and cultural aspect of development and innovation. DevOps tooling like Software composition analysis, SAST, DAST, IAST, and Runtime application protection baked in CI/CD developed by engineering with M-shaped skills make the real Dev...
Terraform least priviledge with AirIAM for AWS
Просмотров 311Год назад
Let's explore together how to run optimization for minimal privileges in AWS IAM with AirIAM tool for Terraform. AirIAM is an AWS IAM to least privilege Terraform execution framework from Bridgecrew (now part of Palo Alto) This is a very easy way how to remove unused entities. Link to the tool : github.com/bridgecrewio/AirIAM
AWS IAM access analyzer in 10 minutes
Просмотров 6 тыс.2 года назад
AWS IAM access analyzer is a vital service for Hardening your IAM roles, policies, and permissions. IAM analyzer uses the Zelkova algorithm with semantic reasoning. It automatically integrates with the AWS Security hub (when enabled). Enjoy 10 AWS access analyzer explained in 10 minutes. Connect with me: www.linkedin.com/in/mareksottl/ Blog: www.sottlmarek.com/blog/ Ultimate DevSecOps library: ...
AWS IAM security analysis with Cloudsplaining | find data exfiltration and privesc issues fast
Просмотров 7202 года назад
Cloudsplaining is an amazing AWS IAM analysis tool. This helps you to find your problems with data exfiltration, black infra issues, credential exposure, or privilege escalation in our roles, groups, and IAM policies. With a few commands, you can export metadata and run multi-account analysis. Link: github.com/salesforce/cloudsplaining Connect with me: www.linkedin.com/in/mareksottl/ Blog: www....
Prowler running in Cloud shell or Docker in Lambda
Просмотров 2,2 тыс.2 года назад
Prowler running in Cloud shell or Docker in Lambda
8 Tips how to become AWS Community builder
Просмотров 2,4 тыс.2 года назад
8 Tips how to become AWS Community builder
Cloud container attack tool - hack and protect your AWS ECR
Просмотров 8492 года назад
Cloud container attack tool - hack and protect your AWS ECR
How to test mobile application for security issues with AWS ECS
Просмотров 4382 года назад
How to test mobile application for security issues with AWS ECS
How to run SAST (Static security testing) of your infrastructure as code
Просмотров 1,5 тыс.2 года назад
How to run SAST (Static security testing) of your infrastructure as code
How to secure AWS Lambda code ? | Lambda security in nutshell for complete beginners
Просмотров 2,1 тыс.2 года назад
How to secure AWS Lambda code ? | Lambda security in nutshell for complete beginners
What is AWS FIS? AWS Fault injection simulator - big-small chaos to your production
Просмотров 1,7 тыс.2 года назад
What is AWS FIS? AWS Fault injection simulator - big-small chaos to your production
SQLmap and Burp? Places for invoking SQLmap extension in Burp Suite [MINIVIDEO - BONUS TO EPISODE 6]
Просмотров 6742 года назад
SQLmap and Burp? Places for invoking SQLmap extension in Burp Suite [MINIVIDEO - BONUS TO EPISODE 6]
Chaos engineering with Gremlin in AWS (and not only there)
Просмотров 2,7 тыс.3 года назад
Chaos engineering with Gremlin in AWS (and not only there)
What is chaos testing? Basic Chaos engineering training 101
Просмотров 3,8 тыс.3 года назад
What is chaos testing? Basic Chaos engineering training 101
Automating security checks in with Inspec - PART 2
Просмотров 3933 года назад
Automating security checks in with Inspec - PART 2
Compliance in AWS? Compliance and defensive testing with Chef Inspec in AWS - PART 1
Просмотров 7113 года назад
Compliance in AWS? Compliance and defensive testing with Chef Inspec in AWS - PART 1
Top DevSecOps interview questions - level 3 - HARD
Просмотров 2,5 тыс.3 года назад
Top DevSecOps interview questions - level 3 - HARD
Top DevSecOps interview questions - level 2 - MEDIUM
Просмотров 3,7 тыс.3 года назад
Top DevSecOps interview questions - level 2 - MEDIUM
Top DevSecOps interview questions - level 1 - BEGINNER
Просмотров 12 тыс.3 года назад
Top DevSecOps interview questions - level 1 - BEGINNER