Cloud Security for DevSecOps Engineers: From Security Models to API Protection

Designed for new and early-career DevSecOps engineers, this course introduces cloud security through a DevSecOps lens. Get started by learning the fundamentals of cloud computing, service models, and the shared responsibility model. Explore the importance of key security services and control types, such as identity and access management (IAM), encryption, logging, and network segmentation, as well as API security fundamentals in cloud-native environments. Along the way, instructor Damien Burks dives into the essentials of infrastructure as code (IaC), showing you how to identify common risks, enforce compliance with policy as code, and automate security checks at scale using tools like Trivy. By the end of this course, you’ll be prepared to effectively apply key DevSecOps principles and concepts within the cloud security space.

This course is integrated with GitHub Codespaces, an instant cloud development environment that offers all the functionality of your favorite IDE without the need for any local machine setup. With GitHub Codespaces, you can get hands-on practice from any machine, at any time—all while using a tool that you’ll likely encounter in the workplace. Check out the “Using GitHub Codespaces with this course” video to learn how to get started.

Learning objectives

• Understand your security responsibilities across software-as-a-service, platform-as-a-service, and infrastructure-as-a-service models.
• Identify key cloud-native security controls in any environment.
• Apply security best practices to infrastructure as code.
• Recognize common API vulnerabilities and how to prevent them.
• Embrace a DevSecOps mindset focused on automation and collaboration.