Service Security Specialist

Service Security Specialist
Add To Favourites
USD $3,285.99 workshop (exam vouchers)




Options




Workshops not currently scheduled

We are currently planning the workshops for this course. You may purchase an eLearning kit for immediate access or contact us for further details.

Overview

The need for robust IT Security is becoming more prominent as the world becomes highly connected. With services being the backbone of the API economy, the role of the Service Security Specialist is even more important.

 This course provides essential techniques, patterns and industry technologies that pertain to establishing security controls and security architectures for services, microservices and service-oriented solutions.


Duration:  5-days


Intended for
Solution Architects, Enterprise Architects, Security Architects, Integration Architects, IT Professionals, anyone that is involved in creation of secure services.


Pre-requisites
An understanding of IT concepts including messaging and security is recommended.


Learning Outcomes
A comprehensive understanding of Services as well as common threats and vulnerabilities associated with services-based solutions are provided. Some of the main topics covered include:

  • Security and the Service-Oriented Architectural Model
  • Security Implications of Service-Orientation Principles
  • Trust, Claims, Tokens, Identity, Authentication, Authorization, Transport and Message Layer Security
  • Encryption, Hashing, Digital Signatures, Identity and Access Management (IAM)
  • Public Key Infrastructure (PKI), Digital Certificates, Certificate Authorities, Single Sign-On (SSO)
  • REST Services and JSON Industry Standards
  • JavaScript Object Signing and Encryption (JOSE) Framework, OAuth2
  • HTTP Basic and Digest Authentication, API Key, JWT with X.509 certificates
  • Service Interaction Security Patterns (Data Confidentiality, Data Origin Authentication, Direct Authentication, Brokered Authentication)
  • Web Services and XML Industry Standards
  • XML Encryption, XML Signature, WS-Security, Token Profiles, SAML
  • Microservice Security Considerations
  • STRIDE (Spoofing, Tampering, Repudiation, Information Disclosure, Denial-of-Service, Elevation of Privilege)
  • SOA Security Patterns for Internal Service Architecture
  • Security Token Structures and Issuance (JWT, Username, X.509, SAML)
  • Authentication Sessions and Secure Conversations
  • Federation and Trust Brokering Security
  • Policy Design and Governance
  • REST Security Controls and Designs
  • Open API Specification (OAS v 3.0), Open ID Connect
  • Web service Security Controls and Designs
  • WS-Policy, WS-SecurityPolicy, WS-Trust and WS-Secure Conversation with SAML
  • Microservices and Containerization Security Considerations
  • Security Extensions and Controls for API Gateways and ESBs
  • Security Risks and Considerations for Cloud-based Services and Service Compositions
  • Preparing for Common SOA Security Threats

And more… Please see the Details tab for a breakdown of daily topics.


Other details

  • This bootcamp-style training session is delivered over 5 days as described in the Agenda in the Details tab.
  • The base price is shown on this page, there is an option to purchase the course with or without the associated exam vouchers.
  • All participants that complete the workshop will receive a Certificate of Completion.
  • Those that pass the exams required for the Certified Service Security Specialist designation will receive official certificate for this designation and will have access to the benefits associated with this certification.
  • Please note that seating in this workshop is limited.

In the Details tab you can find more information about this workshop:

  • Workshop Materials - A list of the materials and text books that are included in the registration fee.
  • Agenda - Full course outlines are provided.
  • Schedule
  • Registration information regarding the cancellation policy.
  • Location Details regarding the planned location of the workshop.
  • Exams and Certification - An explanation of how to take exams and get certified upon completion of the workshop.

 

Note: All quoted pricing is excluding GST. For customers in Australia GST will be added during the check-out process.

Agenda
Day 1 / Module 1 (9:00 AM - 4:00 PM / Monday)
Fundamental SOA, Services & Microservices
An easy to understand, end-to-end overview of contemporary service concepts and technologies pertaining to modern-day microservices and service-oriented computing, as well as business and technology-related topics pertaining to service-oriented architecture (SOA).

The following primary topics are covered:

  • Business and Technology Drivers for SOA, Services, and Microservices
  • Strategic Goals and Benefits of Service-Oriented Computing
  • Plain English Introduction to Services and Microservices
  • Fundamental Characteristics of a Service-Oriented Architecture
  • Understanding Service-Orientation as a Design Paradigm, including coverage of the Four Pillars ofService-Orientation
  • Introduction to Service Layers, Service Models, and Service Compositions
  • Service Inventories, Service Layers and Service API Governance and Management
  • Introduction to Common Service Technologies, including API Gateways, Virtualization, Containerization
  • Introduction to Cloud Computing and Cloud Services
  • Adoption Impacts and Requirements, including considerations for Governance, Infrastructure, Performance, and Standardization

 

Day 2 / Module 2 (9:00 AM - 4:00 PM / Tuesday)
Service Technology Concepts
A focus on modern service technologies, models, and concepts that have established de facto implementation mediums for building contemporary services-based solutions. Also covered are fundamental terms, concepts, and models pertaining to cloud computing and cloud-based services.

The following primary topics are covered:

  • Comparing Service Implementation Mediums
  • Service Roles and Service Agents
  • Message Exchange Patterns and Service Activities
  • Basic XML, XML Schema, JSON and JSON Schema Concepts
  • HTTP Methods, Response Codes, and Headers
  • Basic REST Service Concepts, including Properties and Constraints
  • REST Services, Contracts, Resources, and Messaging
  • Hypermedia and Late Binding
  • Basic WSDL and SOAP Concepts
  • WS-* Technologies
  • Web Service Contracts, Messaging, and Registries
  • Cloud Computing Concepts
  • Vertical and Horizontal Scaling
  • Multitenancy, Elasticity, and Resiliency
  • On-Demand Usage, Ubiquitous Access, and Measured Usage
  • Public, Private and Hybrid Clouds
  • IaaS, PaaS, and SaaS

 

Day 3 / Module 18 (9:00 AM - 4:00 PM / Wednesday)
Fundamental Security for Services, Microservices & SOA
This course module provides essential techniques, patterns and industry technologies that pertain to establishing security controls and security architectures for services, microservices and service-oriented solutions. The following primary topics are covered:

  • Security and the Service-Oriented Architectural Model
  • SOA Security Considerations for Service and Composition Architectures
  • Security Implications of Service-Orientation Principles
  • Trust, Claims, Tokens, Identity, Authentication, Authorization, Transport and Message Layer Security
  • Encryption, Hashing, Digital Signatures, Identity and Access Management (IAM)
  • Public Key Infrastructure (PKI), Digital Certificates, Certificate Authorities, Single Sign-On (SSO)
  • REST Services and JSON Industry Standards
  • JavaScript Object Signing and Encryption (JOSE) Framework, OAuth2
  • HTTP Basic and Digest Authentication, API Key, JWT with X.509 certificates
  • Service Interaction Security Patterns (Data Confidentiality, Data Origin Authentication, Direct Authentication, Brokered
  • Authentication)
  • Web Services and XML Industry Standards
  • XML Encryption, XML Signature, WS-Security, Token Profiles, SAML
  • Microservice Security Considerations
  • Implementing SOA Security and Service-Orientation Security

 

Day 4 / Module 16 (9:00 AM - 4:00 PM / Thursday)
Advanced Security for Services, Microservices & SOA
This course covers a series of technical and complex security topics pertaining to contemporary service-oriented solution design, infrastructure, microservices, API gateways and modern service technologies. The following primary topics are covered:

  • Understanding SOA Security Threats
  • STRIDE (Spoofing, Tampering, Repudiation, Information Disclosure, Denial-of-Service, Elevation of Privilege)
  • SOA Security Patterns for Internal Service Architecture (Exception Shielding, Message Screening, Trusted Subsystem,
  • Service Perimeter Guard)
  • Security Token Structures and Issuance (JWT, Username, X.509, SAML)
  • Authentication Sessions and Secure Conversations
  • Federation and Trust Brokering Security
  • Policy Design and Governance
  • REST Security Controls and Designs
  • Open API Specification (OAS v 3.0), Open ID Connect
  • Web service Security Controls and Designs
  • WS-Policy, WS-SecurityPolicy, WS-Trust and WS-Secure Conversation with SAML
  • Microservices and Containerization Security Considerations
  • Security Extensions and Controls for API Gateways and ESBs
  • Security Risks and Considerations for Cloud-based Services and Service Compositions
  • Preparing for Common SOA Security Threats

 

Day 5 / Module 17 (9:00 AM - 4:00 PM / Friday)
Security Lab for Services, Microservices & SOA
As a continuation of course modules 18 and 19, this hands-on workshop allows attendees to apply the security concepts, techniques, patterns and technologies previously covered in order to complete a set of exercises.

Participants are required to analyze case study backgrounds and carry out a series of exercises to solve a number of inter-related problems, with the goal of producing a range of security solutions.


Workshop Materials
The following materials will be provided to attendees of the entire workshop.

  • Full-colour printed course modules
  • Mind-maps

Schedule

  • Training starts at 9:00AM and we aim to finish around 4:30PM each day.
  • There breaks are scheduled at 10:30AM, 12:00 noon and 2:30PM but the exact times will be determined by the trainer.
  • The course is fully catered for; Morning Tea, Lunch and Afternoon Tea are provided. 

Registration
Please select your preferred location from the options and select whether you'd like Exam Vouchers then follow the registration process.

  • Alternatively, you can e-mail info@silverplatypus.com and request a quote or an invoice
  • We do offer private workshops for companies that want to hold workshops specifically for their employees, please contact us directly for a discussion or quote.
  • Accepted payment methods include Invoice, Wire Transfer, Credit Card (Amex, Visa, Mastercard) and Paypal.

Cancellation
Please see our cancellation policy.


Location
Please select the relevant city from the choices below. The exact address of the workshop will be provided closer to the workshop date.


 Exams & Certification

  • You are not required to complete exams to attend this workshop. Exams only need to be completed by those interested in attaining certification credit.
  • All workshop attendees are issued an official "Certificate of Completion" for this workshop.
  • Those that pass the exams required for the Certified Service Security Specialist designation will receive official certificate for this designation and will have access to the benefits associated with this certification.
  • The workshop instructor will stay after each course day to provide any necessary exam preparation and tutoring assistance.
  • The exams required for certification can be taken at any Pearson VUE testing center in the world or online via Pearson VUE Online Proctoring. See the Exams page for more information.
  • Several of the course modules provided by this workshop also apply toward additional certifications, as explained at SOA School Certification Matrix.

 

Note: All quoted pricing is excluding GST. For customers in Australia GST will be added during the check-out process.

Trainers are yet to be detailed.


← Go Back
Scroll To Top