McAfee Enterprise and AWS

Hands-On Shift-Left Security and Cloud Native Protection Workshops

Workshop #1 & Workshop #2

Roll up your sleeves and join McAfee Enterprise and AWS in one or both LIVE HANDS-ON virtual lab workshops


Workshop #1: Shift Left Security Workshop - Implement strategies for securing dynamic and ever-changing storage and workloads in your IaaS/PaaS infrastructure.

Workshop #2: Cloud Native Application Protection Workshop - Bring critical security functionality such as security audits, DLP, workload protection, vulnerability assessments, and file integrity monitoring of applications, at scale, without slowing down the business.

Dates:

North America Shift-Left Security

Thursday, August 19th

8:00am – 11:00am PST

Register Now

North America CNAPP

Thursday, August 26th

8:00am – 11:00am PST

Register Now

APAC Shift-Left Security

Wednesday, Sept. 1st 

2:00pm – 5:00pm
Sydney Australian Eastern Time

Register Now

APAC CNAPP

Wednesday, September 8th

2:00pm – 5:00pm
Sydney Australian Eastern Time

Register Now

Workshop #1 Details: Shift-Left Security

McAfee Enterprise and AWS Solution Architects will present an in-depth, hands-on session to improve your security posture for your applications running in  IaaS/PaaS environments:

  • Learn how to build a layered security model that enhances the security of cloud workloads, containers, and services you depend on for orchestration, network, and storage.
  • Ensure Kubernetes and the overall cloud environment both meet security best practices and standards.
  • Understand the nature of the CI/CD pipeline and the burden cloud-unfriendly security practices can put on developers.


In our hand-on scenario you’ll walk in the shoes of an infrastructure engineer working on applications running on AWS. We provide you with Continuous Integration / Continuous Delivery (CI/CD) tools like CodeCommit, CloudFormation and Jenkins. In the lab, we’ll integrate Jenkins with McAfee Enterprise MVISION Cloud to scan the CloudFormation template for security misconfigurations. Some examples of the tasks you’ll get to do:

  • Find security misconfigurations with a containerized web application and surrounding infrastructure (Cloud Security Posture Management).
  • Identify sensitive data exposed in Amazon Simple Storage Service (Amazon S3) Buckets (Data Loss Prevention).
  • Learn how to help developers push code securely using a CI/CD process using Kubernetes, Jenkins, and Git repositories.
  • Explore the “Shift Left” method to transparently add security checks to code BEFORE it gets pushed to production.

Space is limited for this workshop so RSVP soon to save your seat!

Workshop Prerequisites

  1. Have a fundamental working knowledge and experience with AWS and related technologies including EC2 instances, S3 storage, text file configuration, Linux shells, etc.
  2. Be familiar with information security concepts such as Data Loss Prevention (DLP), Security Frameworks such as PCI, HIPAA, or GDPR. Experience with products in the area are not required.
  3. Have a roll-up-the-sleeves approach. While we do provide a lab guide, these workshops were designed so that you need to problem solve (and have fun) to complete the exercises.

 

Workshop #2 Details: Cloud-Native Application Protection

 

Cloud-Native applications have many advantages over their monolithic cousins in that they can provide of rapid development at massive scale thanks to automation.  This creates a dynamic environment where traditional methods for protecting applications can’t provide the security required at the pace you need it.  McAfee Enterprise Cloud-Native Application Protection Platform (CNAPP) was designed to bring critical security functionality such as security audits, DLP, workload protection, vulnerability assessments, and file integrity monitoring to these applications, at scale, without slowing down the business.

In this session McAfee Enterprise and AWS Solution Architects will discuss the theory and architecture of a cloud-native application and provide a hands-on workshop where you’ll learn how to:

  • Find security misconfigurations with a containerized web application and surrounding infrastructure (Cloud Security Posture Management).
  • Identify sensitive data exposed in Amazon Simple Storage Service (Amazon S3) Buckets (Data Loss Prevention).
  • Fingerprint applications and prevent rogue processes from running on your workloads.
  • Perform vulnerability scans for both traditional VMs and container images.
  • Configure file integrity monitoring for containerized workloads to detect changes to critical components.


Space is limited for this workshop so RSVP soon to save your seat !


Workshop Prerequisites

  1. Have a fundamental working knowledge and experience with AWS and related technologies including EC2 instances, S3 storage, text file configuration, Linux shells, etc.
  2. Be familiar with information security concepts such as Data Loss Prevention (DLP), Security Frameworks such as PCI, HIPAA, or GDPR. Experience with products in the area are not required.
  3. Have a roll-up-the-sleeves approach. While we do provide a lab guide, these workshops were designed so that you need to problem solve (and have fun) to complete the exercises.