Course Outline
Introduction to Security in Platform Engineering
- Understanding the importance of security
- Core concepts of information security
- The impact of security on platform engineering
Security Design Principles
- Security by design
- Defense in depth
- Least privilege and secure defaults
Compliance Standards and Regulations
- Overview of compliance requirements (GDPR, HIPAA, PCI-DSS)
- Aligning platform engineering with legal and regulatory frameworks
- Continuous compliance monitoring
Secure Development Lifecycle
- Integrating security into the development process
- Threat modeling and risk assessment
- Security testing and code reviews
Identity and Access Management (IAM)
- Principles of IAM
- Implementing authentication and authorization mechanisms
- Managing identities and access controls
Data Protection and Encryption
- Data classification and protection strategies
- Encryption standards and best practices
- Key management and data at rest/in transit
Network Security and Segmentation
- Network architecture and secure communication protocols
- Firewalls, VPNs, and other security appliances
- Micro-segmentation and zero trust networks
Incident Response and Recovery
- Preparing for security incidents
- Effective incident response strategies
- Disaster recovery planning and execution
Security Audits and Penetration Testing
- Conducting security audits
- Penetration testing methodologies
- Remediation and follow-up actions
Emerging Trends in Security and Compliance
- Staying ahead of the threat landscape
- Security implications of new technologies
- Future challenges in platform security
Capstone Project
- Applying security and compliance concepts to a platform project
- Designing a secure platform architecture
- Presenting and evaluating the security posture
Summary and Next Steps
Requirements
- An understanding of basic cybersecurity principles
- Experience with networking and system administration
- Familiarity with common security frameworks and compliance standards
Audience
- Platform engineers
- Security analysts
- Compliance officers
Testimonials (3)
I am getting the correct level of understanding I need to assist in my day to day work
Wasfi Adams
Course - Impacted Function Point (IFP)
The trainer was super engaging and made sure we understand through questioning and affirmations. Even though the content was overwhelming, the trainer broke it down well and made content easily accessible for later reference.
Zaid Amerika
Course - Unit of Software Measurement Parameterization (UMSP)
Everything was built up from a basic level while progressing quick enough to prevent anyone getting bored.