Training (1 day): Simple End-to-End App Security with AWS

Presented at AppSec USA 2015, Sept. 23, 2015, 3:30 p.m. (90 minutes)

As security consultants, developers, managers, and architects we are faced with not only delivering customer value but delivering customer value responsibly. Often times after a plethora of decisions have been made. In this hands on workshop, a reference microservices application hosting environment will be instantiated including some sample services and applications. We will decompose the reference environment to examine how it leverages (or fails to leverage) some of security capabilities from AWS. Then we will decompose the applications themselves. During this bottom up and top down inspection we will identify common mistakes and point out opportunities to prevent and accidentally inject vulnerabilities. This workshop will help security consultants, architects, and developers develop operational and design time checklists for their organizations or customers.    Bring your laptop and AWS account since Cloud Formation templates will be provided so you can follow along.


  • Nicholas J. Parks
    Nicholas is a technology professional that started as a software engineer that developed commercial products to manage data centers. He then ventured into delivering Java PaaS solutions with a focus on providing application security as a service. This included delivering managed life cycle solutions to customers across various industries. As an Amazon Certified Solution Architect he has assisted customers improve operational delivery of application hosting in the hybrid cloud context.