DevSecOps & Cloud Security

通过 Coursera Plus 提高技能，仅需 239 美元/年（原价 399 美元）。立即节省

DevSecOps & Cloud Security

位教师：Sergii Demianchuk

包含在中

了解更多

4个模块

深入了解一个主题并学习基础知识。

高级设置等级

推荐体验

8 小时完成

灵活的计划

自行安排学习进度

4个模块

深入了解一个主题并学习基础知识。

高级设置等级

推荐体验

8 小时完成

灵活的计划

自行安排学习进度

您将学到什么

Analyze the AI bot threat landscape and set up a local Flask application with Terraform tooling.
Deploy production AWS infrastructure with Terraform: VPC, ALB, CloudFront, WAF, and EC2 auto scaling groups.
Implement intelligent traffic routing, cache separation, and degraded content with CloudFront and Lambda@Edge.
Configure advanced WAF protections, analyze logs with Athena, and enforce a data-driven strategic bot policy.

您将获得的技能

您将学习的工具

要了解的详细信息

可分享的证书

添加到您的领英档案

了解顶级公司的员工如何掌握热门技能

了解关于 Coursera for Business 的更多信息

Petrobras, TATA, Danone, Capgemini, P&G 和 L'Oreal 的徽标

该课程共有4个模块

Protect modern web applications from AI crawlers, LLM scrapers, and malicious bot traffic with a practical, AWS-native DevSecOps workflow. In this advanced course, you will build and secure a production-style web delivery stack using Terraform, AWS WAF, CloudFront, Lambda@Edge, EC2, ALB, and Amazon Athena.

Starting from a simple Flask application, you will deploy a complete AWS environment as code, then implement multi-layered bot mitigation strategies such as cache separation for bots and humans, degraded content delivery, edge-based traffic routing, and advanced AWS WAF Bot Control. You will also work with JA4 TLS fingerprinting, managed rules, IP and GEO controls, and Athena-based log analysis to create a data-driven bot policy. By the end, you will be able to design and enforce a scalable AWS bot protection architecture that reduces origin load, improves resilience, and helps defend against AI-driven scraping and automated abuse in real-world environments.

This module explores the economic and technical forces behind the AI bot surge using real traffic data from a commercial marketplace. Learners will examine how training and on-demand bots differ in their impact, why traditional defenses are no longer sufficient, and what a high-level multi-layered infrastructure strategy looks like. The module then transitions to hands-on preparation, where learners set up the Flask demo application locally, install Terraform, configure AWS credentials, and push the Docker image to ECR, establishing the prerequisites for cloud deployment in subsequent modules.

涵盖的内容

9个视频2篇阅读材料1个作业1次同伴评审1个讨论话题

9个视频总计31分钟

The AI Bot Problem: Definition and Strategic Outlook 10分钟
Lab Environment Overview 2分钟
Multi-Layered Infrastructure Strategy Components (Part 1) 2分钟
Multi-Layered Infrastructure Strategy Components (Part 2) 4分钟
Flask App: Local Environment 3分钟
Flask App: Code Overview 2分钟
Terraform Installation with tfenv 3分钟
AWS Profile and Terraform Configuration3分钟
Build Docker Image and Push to AWS ECR 2分钟

2篇阅读材料总计10分钟

Welcome to the Course: Course Overview5分钟
Best Practices for Using the Terraform AWS Provider 5分钟

1个作业总计20分钟

The AI Bot Threat Landscape and Local Development Setup20分钟

1次同伴评审总计10分钟

Hands-On-Learning: Local Environment Verification and ECR Push10分钟

1个讨论话题总计10分钟

Keeping Development and Production Environments in Sync10分钟

This module moves from local development to full cloud deployment using Terraform. Learners will build a VPC with public and private subnets, configure security groups, delegate a domain to Route 53, generate SSL certificates with ACM, deploy an Application Load Balancer, and launch EC2 instances in an Auto Scaling group running the Flask container. The module then layers on CloudFront and WAF with logging via Kinesis Firehose. It concludes with a practical analysis of why reactive auto-scaling fails against short, aggressive AI bot spikes, using real commercial data from a Petalbot and Ahrefsbot traffic event.

涵盖的内容

14个视频1篇阅读材料1个作业1次同伴评审1个讨论话题

14个视频总计60分钟

Running Terraform Scripts: Essential Introduction 1分钟
Pre-Init and Network Terraform Modules 6分钟
Domain Delegation and ACM Terraform Module 6分钟
ALB Terraform Module 3分钟
Important Note: Project Name Prefix Differences1分钟
Flask Application on EC2 Using Auto Scaling Group 7分钟
Add EC2 to AWS ALB as Target Group 2分钟
EC2 in the AWS Console and SSH Login 3分钟
Amazon CloudFront Base Components 1分钟
CloudFront and WAF Terraform Module (Part 1: CloudFront) 8分钟
CloudFront and WAF Terraform Module (Part 2: WAF) 4分钟
CloudFront and WAF: AWS Console Overview and Maintenance Mode 6分钟
Auto-Scaling Surprises 6分钟
AWS Fargate and Commercial Practice Example 6分钟

1篇阅读材料总计5分钟

Deploy the Security Automations for AWS WAF Solution Using Terraform 5分钟

1个作业总计20分钟

Production Infrastructure Deployment on AWS20分钟

1次同伴评审总计10分钟

Hands-On-Learning: Full AWS Infrastructure Deployment10分钟

1个讨论话题总计10分钟

Public Subnets vs. Private Subnets for EC2 Instances10分钟

This module transforms CloudFront into a bot-aware traffic router. Learners will understand the two-layer caching architecture of CloudFront, implement a degraded content strategy that serves lightweight static content to bots while preserving the full experience for humans, and deploy Lambda@Edge to dynamically route bot traffic to a secondary CloudFront distribution backed by S3. The module also addresses cache collision between bot and human responses using CloudFront Functions, solves the missing assets problem through immutable asset deployments and Origin Shield, and concludes with a summary of all key patterns for bot-resilient content delivery.

涵盖的内容

13个视频1篇阅读材料1个作业1次同伴评审1个讨论话题

13个视频总计49分钟

How CloudFront Works 7分钟
Degraded Content Strategy (Part 1) 3分钟
Degraded Content Strategy (Part 2) 4分钟
Routing Bots with Lambda@Edge (Part 1) 6分钟
Routing Bots with Lambda@Edge (Part 2) 5分钟
Caching Surprises 3分钟
Tagging Bot Requests with CloudFront Function 5分钟
Missing Assets Issue (Part 1) 4分钟
Missing Assets Issue (Part 2) 4分钟
CloudFront Origin Shield 2分钟
Immutable Asset Deployments 4分钟
Simplified Content with Inline Assets 1分钟
Degraded Content and Immutable Assets: Key Takeaways 1分钟

1篇阅读材料总计5分钟

Customize at the Edge with Lambda@Edge 5分钟

1个作业总计20分钟

Intelligent Traffic Routing and CloudFront Optimization20分钟

1次同伴评审总计10分钟

Hands-On-Learning: Implement Degraded Content Routing and Cache Separation10分钟

1个讨论话题总计10分钟

Detecting Cache Contamination Before Users Are Affected10分钟

This module turns the CloudFront edge into an intelligent security gateway. Learners will deploy AWS WAF with IP black and white lists, GEO-based country blocking with whitelist exceptions, and set up Athena to query WAF logs for bot geography analysis. The module progresses through JA4 TLS fingerprinting for advanced rate limiting, granular URL-scoped rate rules, and the AWS IP Reputation List managed rule group. Learners will then enable AWS WAF Bot Control in COMMON mode, examine the labels and categories it emits, integrate the client-side SDK to unlock TARGETED mode, and interpret the Bot Control dashboards. The module culminates in building a Bot Identification Report using Athena and implementing a fully automated three-tier policy (allow, block, degrade) via Lambda@Edge and WAF enforcement rules.

涵盖的内容

15个视频1篇阅读材料1个作业2次同伴评审1个讨论话题

15个视频总计79分钟

What Is WAF and How It Works 4分钟
WAF Black and White Lists in AI Bots Context 6分钟
WAF GEO-Country Rule and Bot Traffic 6分钟
Athena Quick Start: Extracting Real Bot Geo Data from WAF Logs 7分钟
JA4-Based Rate Limiting: Statistical Baseline and First-Stage Filtering (Part 1) 4分钟
JA4-Based Rate Limiting: Statistical Baseline and First-Stage Filtering (Part 2) 6分钟
Granular Rate Rules: URL-Scoped Throttling in WAF 3分钟
AWS Managed Rules: Reputation Signals as a Bot Filter Layer 5分钟
AWS WAF Intelligent Bot Mitigation: Foundation and Theory 3分钟
Turning Bot Control ON (COMMON) and What It Emits 4分钟
Preparing the App Layer for Bot Control TARGETED 7分钟
Bot Control Dashboards in Practice and the Power of Bot Traffic Labels 7分钟
Bot Identification Report (Athena and Real Data) 9分钟
Concrete Bot Strategy Implementation (Part 1) 5分钟
Concrete Bot Strategy Implementation (Part 2) 4分钟

1篇阅读材料总计5分钟

Managing AI Bots with AWS WAF and Enhancing Security 5分钟

1个作业总计20分钟

Advanced WAF Defenses, Bot Control, and Strategic Policy Enforcement20分钟

2次同伴评审总计70分钟

Hands-On-Learning: Build a Bot Identification Report and Enforce a Policy10分钟
Project: Architect a Complete Bot Defense Solution for a Growing E-Commerce Platform 60分钟

1个讨论话题总计10分钟

How Would You Protect High-Value Pages on a Limited Budget?10分钟

位教师

Sergii Demianchuk

Starweaver

1 门课程1 名学生

提供方

Starweaver

从 Security 浏览更多内容

EDUCBA
Build & Deploy Serverless Apps on AWS: Design and Secure
课程
状态：免费试用
类别：提供的学分
Pearson
Securing Your DevOps Pipelines
课程
类别：提供的学分
Macquarie University
Cyber Security: DevSecOps
课程
状态：免费试用
类别：提供的学分
Johns Hopkins University
Introduction to DevSecOps
课程
类别：预览
类别：提供的学分

人们为什么选择 Coursera 来帮助自己实现职业发展

Felipe M.

自 2018开始学习的学生

''能够按照自己的速度和节奏学习课程是一次很棒的经历。只要符合自己的时间表和心情，我就可以学习。'

Jennifer J.

自 2020开始学习的学生

''我直接将从课程中学到的概念和技能应用到一个令人兴奋的新工作项目中。'

Larry W.

自 2021开始学习的学生

''如果我的大学不提供我需要的主题课程，Coursera 便是最好的去处之一。'

Chaitanya A.

''学习不仅仅是在工作中做的更好：它远不止于此。Coursera 让我无限制地学习。'

通过 Coursera Plus 开启新生涯

无限制访问 10,000+ 世界一流的课程、实践项目和就业就绪证书课程 - 所有这些都包含在您的订阅中

了解更多

通过在线学位推动您的职业生涯

获取世界一流大学的学位 - 100% 在线

探索学位

加入超过 3400 家选择 Coursera for Business 的全球公司

提升员工的技能，使其在数字经济中脱颖而出

了解更多

常见问题

To access the course materials, assignments and to earn a Certificate, you will need to purchase the Certificate experience when you enroll in a course. You can try a Free Trial instead, or apply for Financial Aid. The course may offer 'Full Course, No Certificate' instead. This option lets you see all course materials, submit required assessments, and get a final grade. This also means that you will not be able to purchase a Certificate experience.

When you purchase a Certificate you get access to all course materials, including graded assignments. Upon completing the course, your electronic Certificate will be added to your Accomplishments page - from there, you can print your Certificate or add it to your LinkedIn profile.

Yes. In select learning programs, you can apply for financial aid or a scholarship if you can’t afford the enrollment fee. If fin aid or scholarship is available for your learning program selection, you’ll find a link to apply on the description page.