Part 2. Watching for anomalies and protecting services against attacks

Every business, be it in the digital or physical world, must protect itself against attacks at some point. For the small shop owner, the main threat is shoplifting. For the international businessman, it’s a hostile takeover from another corporation. When building online services, operators are mostly worried about data breaches and denial-of-service attacks.

In part 1, you built and secured an infrastructure that’s designed to grow quickly by using DevOps techniques to industrialize operations. In part 2, you’ll protect this infrastructure by watching its activity, spotting anomalies, detecting intrusions, and helping it recover from security incidents. You’ll step away from integrating controls into the CI/CD/IaaS pipeline and build separate security services designed to protect the core applications of the organization.