Understand application security and common network attacks. You will master the core skills of application security on the cloud, including how to access Alibaba Cloud WAF, avoid tampering website, prevent CC attacks, and how to conduct business risk management.
Cloud security administrators and operators
How to get Certified
Certification:Apsara Clouder - Cloud Security:Protect Your Web Application on Alibaba Cloud
Exam Duration:30 Minutes
N0. of Exam Attempts:2 Times
Protect Your Web Application on Alibaba Cloud
You will understand the main security risks faced by web applications on internet and solutions offered by Alibaba Cloud.
- Cloud application security overview
- Using WAF to protect your application
- Defend against some typical web application attacks
- Anti-Fraud function in WAF
- WAF console go through (console demo)
- WAF console go through (console demo)
- WAF ACL control (console demo)
Cloud Application Security Overview
Ok, so please allow me to give you an overview of the cloud application security when we talk about the viper kitchen security. But actually, we are talking about, usually our major concerns. I should be focused on the form of categories. The first one is the we called him. The third page are changed, which means if you are running an online business, the first thing you don't want to happen is your pages was kind of changed our manipulated by someone else. Someone maybe they inject some executable files into your web server to gain a privilege of your server side of the you know change some of your major pages, and add some hidden links when the user may be, click2 the server page. They don't know, they even I clicked in someplace else. So, this is a first major concern when we talk about the web application security. Also, again, when you are running an online business, something you don't really want to happen, you are under some kind of denial of service attack. It’s either it is a very huge flood, like the like a door, but particularly in the web application security area. There is one attack. Actually, two types of tag, we call them CC attack of slow loris attack. Those are very typical HTTP level attacks or we can call them the later seven attacks, those attacks are not quite like the comments. Layer didoes attack, they are very slow and it looks like really looks like the normal request. It is really hard for the firewall or some other, and network a security software or tools to defend against it. Then usually when attacks attacker attack. Your attacking your website definitely want to gain some values, right? They either want to give some capability to steal your user password, maybe even to change some kind of accounts and get some access to your very terrible, available, sensitive data, which means, for example, in the application security category, there are one attack code. Injection attack will introduce these typical attacks in a literal, that kind of attack is something they just insert very small or very. Mariner's code into the input of there is stupid request. We can have something you never know happening in a suicide or your class side to gain some privilege you don't want them to have. And the last one, we called them bars and uh concerns again in nowadays many huge cooperation, enterprise level website. They, are running a lot of business contraction every day. I even take care of many millions of billions of others online. But that information, like all those pricing, let some products, pricing and or even some orders, information like, who bought what right, those kinds of information, maybe individually, those are not very sensitive data. But ticket, look into a big picture, or put all the data together. You can still dig deep to gain some very valuable information, or have some conclusion from that quite large amount of data. That's why nowadays, hackers, they actually, they use a program and the crawler or bot to just log on to your website and try to go everywhere to grab that kind of information. They will go through all your website pages and try to find anything valuable to. So that's something you really don't want them to happen. And for bots, sometimes, you know, we have many online tickets assailing right online orders. Some. Is going very well. They may do some promotion, or they may give the first time register users, someone you know, coupons or discount, but if that information was known by the by the hackers, they can develop some robot like some program to just quickly register themselves and to get all the coupons to themselves. So, which will really damage and compromise a normal user, benefits and their rights. So, this is a major concern when we talk about the web application. Security here is the o w a s p is an open community. It will announce every year with a top ten web application attacks you can see from year two thousand thirteen, two year two thousand seventeen. The top ten attacks actually are changing, most of the attacks, like the indexes right are still there, but you can see some of the attacks may be going lower and some are going. Um it's really given us a fact, in inception, when putting our business on internet. So, the attacks are really happening every day, every minute, every second, and also the tax types and patterns, is keep changing. So, we should really pay attention to our website, security policy and security strategy. Otherwise there will always be something new. Try to break us. Because we are, we are running business on the internet, from the we call them the web service. Usually it's a very common concept. Web service web service involves two factors that the client side and the server side. That's why we need to categorize them into two part. So, some attacks are actually a focused on your client side of vulnerability, and some actually are trying to break your web server side. And again, something more valuable from your server side. You can take the take a look at the left, right, we talk about the web. Client side usually is one kind of attack access. It’s a cross site scripting your means when someone is trying to um gain some information from your local client host, they can just set up some fraud website and embedded some very bad script into the into the page. When you visit the website you maybe you trust it. It's a very beginning, right? You don't know they are doing this kind of very dangerous stuff, so you just click and browse and surf on the on the pages, and they get some eggs at the back of the stage. They will use some hidden scripts to actually begin to grab information and seek information from your class in s r f h attack is something a little bit like the access, as it's all need to run some command from your class. But the difference is that usually when some attack is happening, the purpose of this attack is trying to give some information locally from your class abut ssrf, they will do the best things further. They will use your brother and use your identity and trying to pretend to be yourself, and then they will go to some other third-party website. And because by nature, or by default, the hacker cannot visit that website. But you can right, because that third-party website may be trusted, your identity, so that's why they cost across side request fraud, and the hacker will try to use your identity to visit some websites to gain some valuable information which he pretends to be you and proud of vulnerabilities.