Avatar

Register to attend the October 27 webinar: Application First Security 

Welcome, you have arrived at the first of a series of five blogs taking you through an adventure that you have never experienced before.  Over the next four weeks we’ll post blogs that will prepare you to tackle the new DevNet Learning Lab, where you’ll learn how to secure your cloud-native applications and infrastructure using:

  • application segmentation
  • public cloud threat detection
  • multi-factor authentication

In the learning lab you’ll learn how to stage the infrastructure, modify and deploy the application, and instrument the security products into the environment. So, buckle in and get ready to secure a cloud-native application and public cloud infrastructure using Cisco Products: Tetration, Stealthwatch Cloud, Duo, and AppDynamics. In the process, you’ll also get your hands dirty with products and technologies including git, Kubernetes, GitHub, Docker, and AWS.

DevNet gives you plenty of help for your learning journey

The new DevNet learning track and accompanying DevNet Sandbox give you a hands-on, immersive experience. But we didn’t stop there. In addition to this blog series, you’ll find docs and other resources on the new Cisco Application-First Security website.

If you’d like to really get a head start, please join the October 27th webinar. And make sure to follow our blog posts in the coming weeks.

The learning scenario: You’re starting a business

In the Learning Lab, you will be starting your own unicorn e-commerce company – “Sock Shop” – completely built with a cloud-native approach in AWS. However, there is some bad news: your dream company will be attacked by malicious actors!  Because the Sock Shop application is built cloud-native, you never have to worry about scaling your infrastructure during Cyber Monday or other peak online retail moments. You will be both simulating attacks on your application, as well as protecting it with a zero-trust policy. Furthermore, you will install monitoring solutions to make sure that everything is working as your policy mandates.

App First Security webinar

Cisco App-First Security Overview

As you tackle the Learning Lab, you will need the basics. Blogs in the weeks ahead will dive into greater detail on the Cisco technologies you’ll be learning. For now, here’s a short overview of what Cisco App-First Security is all about.

Application First Security structure

Tetration: Container and host insight and control

Cisco Tetration offers holistic workload protection for multicloud data centers by enabling a zero-trust model using segmentation. This approach allows you to identify security incidents faster, contain lateral movement, and reduce your attack surface. Tetration’s infrastructure-agnostic approach supports both on-premises and public cloud workloads. The Cisco Tetration agent your workloads collects network flow and process information, which is essential for getting visibility and policy enforcement.

Stealthwatch Cloud: Public cloud, container, and private network threat detection

Stealthwatch Cloud Public Cloud Monitoring (PCM) is a visibility, threat identification, and compliance service for private and AWS, Azure, and GCP public clouds. Stealthwatch Cloud consumes network traffic data, including Virtual Private Cloud (VPC) flow logs, from your public cloud network. It then performs dynamic entity modeling by running analytics on that data to detect threats and indicators of compromise.

Duo: Secure access for DevOps and end users

Duo provides secure access to your applications and data, no matter where your users are – on any device – from anywhere. Duo Web SDK makes it easy to add strong two-factor authentication to your web application, complete with inline self-service enrollment and Duo Prompt. Implementing Duo two-factor authentication into your site involves simply adding a second login page and splitting your login handler into two parts.

AppDynamics: Application tracing for threat response and post-mortems

AppDynamics provides application performance monitoring and deep insight into transaction behavior and metrics for applications running in public and private cloud environments. This data can be is a powerful aid provided by application teams to SecOps when investigating threats.

We’ll overview these technologies and more at the October 27th webinar.

What’s your next move?

That’s easy… Register for the October 27th webinar on Application First Security

And for more insight on everything DevNet has to offer in the area of security, be sure to register for DevNet Create Virtual 2020. Join us next Tuesday, October 13, 2020 for an action-packed day of developer learning with your peers from around the world. Expect to see plenty of community favorites as we explore developer trends and tools in a variety of engaging technical sessions. Plan ahead for the sessions you want to attend.

Got questions or comments? Please leave me a comment in the section below.

Related resources: