DevSecOps: How to secure Web App with AWS WAF and CloudWatch Free Coupon

Web application cyber security practical guidance. AWS DevSecOps WAF masterclass. AWS DevOps security tips and tricks.
4.5 (232 reviews) 17,323+ students
Instructor: Sergii Demianchuk Published by: Subham (MOD) English

Course Description

What you'll learn:

  • How exceptions and logging should be organized in a web application so that they become a security defense tool

  • How to secure a web application in the AWS Cloud

  • How to configure AWS WAF

  • How to use AWS WAF managed rules

  • How to use AWS WAF custom blacklists and whitelists

  • How to use AWS WAF custom rate rules

  • How to configure WAF alarms

  • How to use CloudWatch as a detector of abnormal hacker behavior

  • How to build custom CloudWatch filters and alerts based on them

  • How to use Athena to analyse WAF and application logs

  • Cyber threat analysis basics using Athena and Excel

Requirements:

  • Active AWS account

  • An active web domain

  • Basic knowledge of Docker and web programming

Short description:

This course is about how to secure a web application against hacker attacks with AWS cloud solutions, using application-level, centralized log system and firewall protection. You will also learn a lot about how to perform effective cyber threat analysis during a hacker's attack and after it.


COURSE STRUCTURE:

The course starts with creating a very small API application. For that purpose I will use the Python programming language and the Flask framework. If you are not familiar with these technologies, don't worry, you don't need to be. Believe me, the application will be extremely simple, so anyone, even a child, can understand how it works.

While creating this application I will concentrate on the following essential aspects:

  • Custom exceptions

  • Logging

I will explain why it is so essential to have both of these things in any application and how to do them properly so that they are helpful from a security defense perspective.


The principles which I will show you are extremely simple and can be easily applied to any existing web application. You will see the real power of properly done exceptions and logging with your own eyes when we run simulations of real hacker attacks against our application after deploying it to the AWS cloud.


Generally speaking, deployment is the 2nd essential part of our learning. Together we will deploy our test API application to AWS using Terraform. And again, if you have never used this technology, don't worry. I will show you step by step how to run the corresponding Terraform scripts.


First we will prepare the AWS network, after that we will deploy an AWS ALB with WAF, and finally, at the last step, we will deploy our application on EC2 using an Auto Scaling group. This deployment pattern can easily be used in production, as it is rather cost effective and almost an HA solution. Though, like every solution, it also has some limitations, which I will cover during the Terraform lectures.


In the deployment section I will speak a lot about the different AWS services that will be used for creating security defense mechanisms:


  • IAM policies and security groups as mechanisms for restricting access to our resources

  • S3 as the place for keeping our ALB and WAF logs

  • CloudWatch as centralized log storage and alarm system

  • SNS as the mechanism for sending alarm notifications when security attacks are detected

  • I will also touch briefly on the Route 53 and Certificate Manager services

The deployed Flask application and all the AWS infrastructure around it will be used intensively as a lab environment for imitating different hacker attacks and supporting the cyber security learning process. That will allow you to get real practice and try different security tools and tricks with your own hands. That is why, in my view, it is so essential to have it done.


In the third section we will speak about AWS WAF. We will discuss in detail:

  • Which resources WAF can be attached to: ALB, API Gateway, CloudFront

  • How to configure it properly

  • Why correct configuration of AWS WAF is such a time-consuming process

  • How to set up AWS WAF managed rules and custom blocking policies

  • How to analyse WAF and ALB logs using Athena

  • Why WAF is not a silver bullet and can’t protect a web app against all possible threats

In this section I will also show you some examples of real attacks that were blocked by WAF, taken from my commercial experience, so that you can feel how powerful WAF is as a security defense tool.


In the 4th section we will discuss the AWS CloudWatch service in depth, especially:

  • how to use our application logs as a security detector

  • how to build custom CloudWatch filters

  • how to raise alerts when the web application is under a hacker’s attack

  • how you can become aware of an attack even before WAF detects it, or when WAF cannot deal with the problem


In the 5th section we will speak about cyber threat analysis using Athena and Excel after a hacker's attack. We will discuss how to gather all required data using Athena and how to verify if the hacker's actions had any success.


In the last section we will make a short summary of all the practice material covered, by creating an effective security defense framework that can be used in any cloud or even in on-premise solutions.


Who this course is for:

  • Anyone who is interested in cyber security or who is responsible for web resources:

  • Software engineer

  • DevOps

  • Admin

  • CTO

  • CEO

Review: Our Opinion

Everything You Need to Know About DevSecOps: How to secure Web App with AWS WAF and CloudWatch

This course is a comprehensive and well-structured introduction to DevSecOps: How to secure Web App with AWS WAF and CloudWatch. The instructor, Sergii Demianchuk, is a leading expert in the field with a wealth of experience in Development to share.

The course is well-structured and easy to follow, and the instructor does a great job of explaining complex concepts in a clear and concise way.

The course is divided into sections, each of which covers a different aspect related to Software Engineering. Each module contains a series of video lectures, readings, and hands-on exercises.

The instructor does a great job of explaining each topic in a clear and concise way. He/She also provides plenty of examples and exercises to help students learn the material.

One of the things I liked most about this course is that it is very practical. The instructor focuses on teaching students the skills and knowledge they need to succeed in the real world. He/She also provides students with access to a variety of resources, including templates, checklists, and cheat sheets.

Another thing I liked about this course is that it is offered on Udemy. Udemy is a great platform for taking online courses because it offers a lot of flexibility for students. Students can choose to take courses at their own pace, and they can access the course materials from anywhere with an internet connection.

Udemy also offers a variety of payment options, so students can find a plan that works for them. The course also has a very active community forum where students can ask questions and interact with each other. The instructor is also very responsive to student questions and feedback.

Overall, I highly recommend this course to anyone who is interested in learning DevSecOps: How to secure Web App with AWS WAF and CloudWatch. It is a well-organized and informative course that will teach you the skills and knowledge you need to succeed.


Frequently Asked Questions


Got a question? We've got answers. If you have some other questions, please contact us.

How do I use the coupons on Korshub?

To use coupons on our website, simply click on the "Take this course" button next to the course you're interested in. You will be redirected to the Udemy course page with the coupon applied automatically.

Are these Udemy courses free with the coupons?

The coupons on our website can significantly reduce the price of Udemy courses, often making them very affordable or even free. However, the availability and terms of the coupons may vary.

Can I request specific courses to be added to the website?

Absolutely! We value your input and want to provide you with the courses you're interested in. If you have a specific course in mind that you'd like to see on our website, please don't hesitate to reach out to us. Simply send us the course title, and we'll do our best to contact the instructor and make it available to you.

Why is the course listed as 100% off on your website, but it is not free on Udemy?

The course may not be free on Udemy for two main reasons: Firstly, if the coupon for the course has expired, it won't be available for free or at a discounted price. Secondly, coupons often have a limited number of redemptions, and if the maximum limit has been reached, new users may not be able to enroll for free.

Is it legal to enroll in courses using these coupons?

Yes, it's completely legal to enroll in courses using the coupons provided on our website. The coupons are offered in collaboration with instructors and are a legitimate way to access courses at discounted or free rates. However, it's essential to respect the terms and conditions set by Udemy and the course instructors.

How long are the coupons valid for?

The validity of coupons can vary from course to course. Some coupons may have a limited time frame of 4 days, while others could be available for an extended period. Be sure to check the coupon expiry details on our website.