Practical Security Architecture - Hands On!

Posted By: ELK1nG

Published 3/2025
MP4 | Video: h264, 1920x1080 | Audio: AAC, 44.1 KHz
Language: English | Size: 2.60 GB | Duration: 2h 52m

Hands-on Security Architecture: Building Secure, Reliable Systems following industry best practices

What you'll learn

Implement identity management using Keycloak

Secure communications with HTTPS and digital certificates

Utilize JWT for secure token management

Configure reverse proxy and sidecar for optimized traffic flow

Enforce policies and permissions with OPA

Deploy OWASP ModSecurity as an effective web application firewall

Apply security patterns and best practices to design robust architectures

Integrate multiple technologies to build secure, reliable systems in real-world environments

Requirements

Some development knowledge is required

No security background is required

Description

Step into the world of distributed systems with our hands-on course that equips you with the skills and knowledge you need to build secure and reliable systems and act as a security architect. Tackle core challenges such as authentication, authorization, and secure communication while leveraging industry-standard technologies and patterns that prepare you for today’s dynamic threat landscape.

In this course, you'll get your hands dirty with real-world tools like Keycloak for authentication and OPA for precise policy enforcement. Master secure communication and traffic management using Nginx, and become adept at detecting and mitigating threats with OWASP CRS and ModSecurity. You'll integrate JWT for secure token management, Sidecar for modular architecture, and Reverse Proxy for efficient traffic handling. Plus, you'll implement secure protocols with digital certificates and HTTPS to ensure data integrity and privacy.

In this course, you will learn how to:

• Authenticate and verify identities using Keycloak as your identity provider.
• Control access with precision using OPA for policy enforcement.
• Secure communications and manage network traffic with Nginx acting as both the reverse proxy and sidecar.
• Detect and mitigate threats with OWASP CRS for robust threat detection rules and OWASP ModSecurity as your first line of defense.
• Integrate essential security patterns such as JWT for secure token management, Sidecar for modular architecture, and Reverse Proxy for efficient traffic handling.
• Implement secure protocols with digital certificates and HTTPS to ensure data integrity and privacy.

With our hands-on approach, every module empowers you to apply these techniques directly in real-world environments.

This course is ideal for software developers, security professionals, architects, and anyone interested in designing and implementing secure systems.

Elevate your expertise in security architecture by engaging with interactive labs and exercises that transform theoretical concepts into deployable solutions.

Overview

Section 1: Introduction

Lecture 1 The course architecture

Lecture 2 Source code

Section 2: Authentication

Lecture 3 Open-source Identity provider (Introduction)

Lecture 4 Keycloak set up

Lecture 5 OIDC flow

Lecture 6 Authentication Gateway

Lecture 7 Nginx with JavaScript

Lecture 8 Service Authentication and client credentials

Lecture 9 Enforce authentication with JWT token

Section 3: JSON Web Tokens (JWT)

Lecture 10 JWT token Anatomy

Lecture 11 Ways to validate JWT tokens

Lecture 12 JWT token validation code

Section 4: Digital Certificate management

Lecture 13 How Secure Connections (HTTPS) works

Lecture 14 Managing Digital Certificates

Lecture 15 Generate Service certificates

Lecture 16 Packaging certs into Trust stores

Section 5: Transport Layer Security (TLS)

Lecture 17 Set up secure connections

Lecture 18 Identity verification with Sidecars

Lecture 19 Mutual TLS

Lecture 20 Route app requests to the sidecar with Iptables

Section 6: Application

Lecture 21 Containerize the app service and the sidecar

Section 7: Authorization

Lecture 22 Service authorisation based on certs

Lecture 23 Open Policy Agent introduction

Lecture 24 Implementing Authorisation with OPA

Section 8: Web Application Firewall

Lecture 25 OWASP ModSecurity introduction

Lecture 26 Set up WAF with Nginx

Software engineers, Security Architects