Скачать или смотреть Google Cloud Armor - Deep Dive

Deep dive on Google Cloud Armor where you will learn:

What is Google Cloud Armor
Learn Google Cloud Armor Key Concepts
Security Policies
Rules Language
Preconfigured WAF rules
Named IP address lists
Google Cloud Armor Adaptive Protection
Demo
Deploying OWASP Juice Shop websites on Cloud VM(s)/Load Balancer
Explore vulnerabilities on the website
Configure Cloud Armor and fix vulnerabilities
Fix SQL Injection
Fix Cross Site Scripting (XSS)
Fix Local File Inclusion (LFI)
Fix Directory Listing
Testing
Logging/Monitoring

OWASP Juice Shop Test Setup Script: https://gist.github.com/salimpadela/d...
Rules Language Reference: https://cloud.google.com/armor/docs/r...
List of Preconfigured WAF rules: https://cloud.google.com/armor/docs/r...
OWASP ModSecurity Core Rule Set: https://coreruleset.org/

Chapters:
0:00:00 Introduction to Google Cloud Armor
0:19:11 Demo - Setup OWASP Juice Shop Test Application
0:33:29 Demo - Exploit SQL Injection Vulnerability
0:35:44 Demo - Setup Cloud Armor
0:47:20 Demo - Troubleshooting False Positive Response And Fixing It
0:47:20 Demo - Verify SQL Injection Vulnerability Is Fixed
0:55:09 Demo - Exploit Cross Site Scripting (XSS) Vulnerability
0:55:40 Demo - Fix Cross Site Scripting (XSS) Vulnerability
1:02:31 Demo - Exploit Local File Inclusion (LFI) Vulnerability
1:04:09 Demo - Fix Local File Inclusion (LFI) Vulnerability
1:05:36 Demo - Exploit Directory Listing/Browsing Vulnerability (Request Path)
1:07:03 Demo - Fix Directory Listing/Browsing Vulnerability (Request Path)