Cloud Code Security
Learn how to secure IaC code throughout the CI/CD pipeline and reduce applications' attack surface.
GET HANDS-ON
Search
Cloud Native Security Bootcamp,IaC Bootcamp,AppSec Bootcamp
WHY ARE WE HERE?
ABOUT THE BOOTCAMPS
Explore Prisma® Cloud, the industry’s leading Cloud Native Application Protection Platform, during a hands-on Prisma Cloud Security Bootcamp of your choice. The options:
Cloud Native Security Bootcamp: Examine and discuss cloud native security principles, experience a robust product demonstration and then test your knowledge while playing capture the flag.
DevSecOps Bootcamp Series: Join a discussion focused on the principles of DevSecOps, learn how Prisma Cloud supports those principles and delve into the product’s capabilities during a lab exercise.
No matter which cloud security bootcamp you choose, you’ll receive a wealth of information in a fun and interactive way.
CLOUD NATIVE SECURITY BOOTCAMP
Audience
- Practitioners in Cloud/Cloud Security
- Engineer/Developer
- IT/Infrastructure Ops
Description
This interactive workshop includes an instructor-led presentation on cloud native security principles, an educational product demonstration and a capture-the-flag activity.
Presentation
The presentation is 20–25 minutes and covers cloud native security principles throughout the lifecycle of application development, from build to runtime protection. The five pillars of the Prisma Cloud platform—Cloud Code Security, Cloud Security Posture Management, Cloud Workload Protection, Cloud Network Security and Cloud Identity Security—are introduced at the end of the presentation.
Demo
The demo is 15–20 minutes and covers the five pillars of the Prisma Cloud at a high level, introducing the key modules of each of the five pillars—Cloud Code Security, Cloud Security Posture Management, Cloud Workload Protection, Cloud Network Security and Cloud Identity Security.
Exercise
The exercise is a 45-min story-based game of capture the flag and covers the pillars of the Prisma Cloud platform while solving a real-world use case.
What we’ll cover
1
2
Cloud Security Posture Management
Find and learn how to remediate cloud misconfigurations as well as identify malicious threats while exploring Prisma Cloud’s CSPM features.
3
Cloud Workload Protection
Runtime protection is a cornerstone of security, explore Prisma Cloud’s vast capabilities for runtime protection across virtually any application and tech stack.
4
Cloud Network Security
Learn about microsegmentation and how to prevent malware propagation in cloud native application architectures
5
Cloud Identity Security
Identity is the new edge, find out how Prisma Cloud can help audit your least privilege policy and help achieve secure multi-cloud infrastructure entitlement
6
Making a Plan
By the end of this short workshop you will be armed with the information you need to define a new Cloud Native Security strategy and achieve a new secure tomorrow
DEVSECOPS BOOTCAMP SERIES
APPSEC BOOTCAMP
Audience
- Application Security
- Engineer/DevOps
- Practitioners in Cloud/Cloud Security
Description
The workshop is an instructor-led presentation of DevSecOps principles focusing on application security and includes a product demonstration and a short lab exercise.
Presentation
The presentation is 20–25 minutes long and includes application security and DevSecOps principles. Focusing on securing the lifecycle of applications, the presentation discusses software composition analysis and supply chain security, as well as protecting workloads with runtime security.
Demo
The demo is 15–20 minutes and covers a quick demonstration of the CI/CD security capabilities of Prisma® Cloud, focusing on application security.
Exercise
The exercise is 20 minutes and includes a short, guided lab exercise where the participants use Prisma Cloud to help secure a mock banking application from code to cloud for an example organization, focusing on application security concepts.
What we’ll cover
1
Detect Vulnerabilities in Open Source Packages
Detecting and fixing vulnerabilities early in the development lifecycle saves organizations time and money while resulting in a reduced attack surface at runtime. Learn how to discover vulnerabilities in open source packages and within the context of infrastructure as code (IaC).
2
Scan Private and Open Source Registries
Modern cloud-native applications depend heavily on packaged open source code to provide increased development speed and agility. Learn how Prisma Cloud can scan both private and public repositories to detect vulnerabilities.
3
Prevent Attacks at Runtime
Regardless of where they are deployed (hosts, containers, serverless functions, etc.), the application’s runtime behavior should be monitored for abnormal behaviors. Learn how security operations and application security teams can use Prisma Cloud to identify normal behaviors quickly and prevent risky anomalous behavior.
4
Making a Plan
By the end of this short workshop, you will be armed with the information you need to define a new cloud-native security strategy and achieve a new, secure tomorrow.
DEVSECOPS BOOTCAMP SERIES
IAC SECURITY BOOTCAMP
Audience
- Practitioners in Cloud/Cloud Security
- Engineer/Developer
- IT/Infrastructure Ops
Description
The workshop is an instructor-led presentation on infrastructure as code principles and includes a product demonstration and a short lab exercise.
Presentation
The presentation is 20–25 minutes and covers IaC security principles focusing on the CI/CD pipeline, including the Build, Deploy, and Run phases. Each phase is explained in detail, and security best practices are evangelized. At the end of the presentation, Prisma® Cloud capabilities are explained.
Demo
The demo is 15–20 minutes and covers a quick demonstration of IaC security capabilities with Prisma Cloud. This includes an IDE plugin demo, CI tool integrations, and the interactive IaC dashboard and remediation capabilities within Prisma Cloud.
Exercise
The exercise is 20 minutes and includes a short, guided lab exercise where the participants use Prisma Cloud to help secure a mock banking application from code to cloud for an example corporation, focusing on IaC Security and CSPM.
What we’ll cover
1
Infrastructure as Code Security
Learn how Prisma Cloud can help identify and fix security misconfigurations found within IaC templates in development and pipelines.
2
Supply Chain Security
Identify IaC misconfigurations found in code repos and build context around their impact by leveraging supply chain security in Prisma Cloud.
3
CSPM
Once infrastructure code is deployed, assets should be inventoried and continually inspected to ensure the attack surface is minimized. Learn how Prisma Cloud reduces the complexity of securing multicloud environments at runtime with Cloud Security Posture Management (CSPM).
4
Making a Plan
By the end of this short workshop, you will be armed with the information you need to define a new cloud-native security strategy and achieve a new, more secure tomorrow.