# What you'll learn

After watching this video, you'll be able to: 
* Describe the importance of securing each layer.
* Identify the four security layers of application development.
* Describe logging, analyzing, and detection methods for securing layers for application development.

# Importance of Security Layers

* Everyone loves a good cake, right? I know I do.
* However, cakes are made of different flavors and frostings, and these layers are what provide the visual appeal and give it a sumptuous taste.
* The benefits of layers of a cake are an excellent analogy for ensuring layers of security, specifically for application developers like yourself.

Let's look at important security layers that should be used when developing applications.

# Layers of Security

* The first layer to secure for application developers is the web application layer.
* The web application layer could be composed of a **front-end layer** consisting of JavaScript, CSS, and HTML code running in web browsers across devices, served over Hypertext Transfer Protocol Secure (HTTPS).
* However, the **backend layer** of the web application layer typically consists of databases that provide data to the front end during users' experiences with the application.
* The **middle layer** of the web application provides a connection between the front end and the back end by using an application programming interface or API developed in languages such as Python, Java, or Ruby.
* As an application developer, you must test all the layers of a web application.
* **How can you do that?**
    * Run vulnerability scanners, 
    * run tests, and 
    * allow other team developers to audit the web applications before deploying to production.

# Securing the Cloud infrastructure

* You can safeguard the next layer by securing the Cloud infrastructure.
* Cloud-based databases are sources of user information such as **usernames**, **passwords**, and **other confidential information**.
* Thus, you should be sure not to include administrator credentials when developing applications that connect to Cloud-based databases, in case a cyber threat occurs.

# Creating security groups

* Another measure of protection is by creating security groups that restrict access to certain Cloud resources.
* In addition to restricting access, secure code should also implement **two-factor authentication** for all users of web applications, be it phone or text authentication.
* You should also include strong authentication to reduce the possibility of unrestricted intrusion by a bad actor.

# Securing the communication layer

* In addition to the cloud layer, it is important to secure the communications layer using Secure Shell (SSH), HTTPS, and Secure Sockets Layer/Transport Layer Security (SSL/TLS).
* SSH is a protocol for making secure connections to remote devices such as physical and Cloud servers.
* By implementing SSH, application developers secure their connections to remote devices when uploading, deploying, and testing code.
* Another security measure in the communications layer is using Secure Sockets Layer (SSL) and Transport Layer Security (TLS), which are necessary technologies for securing connections between clients and servers.
* Transferring data over connections secured with SSL and TLS guarantees that hackers attempting man-in-the-middle attacks do not intercept communications.

# Securing the security code delivery pipeline layer

* When application developers need to commit code to an application project, the security code delivery pipeline layer should also be secured and restricted.
* To do this, you can lock down the code repositories in GitHub with specific permissions and conduct an audit periodically.
* Two-factor authentication is also important when authenticating to third parties, such as GitHub and respective Cloud providers.

# Securing cloud assets

* If Cloud resources are used for developing applications, Identity and Access Management (IAM) should be configured to secure Cloud assets according to the needs and roles involved in development.
* IAM roles are an important security mechanism to grant permissions to applications and systems within Cloud infrastructures.
* Finally, secret passwords, certificates, and encryption keys should be stored in secret storage services such as HashiCorp Vault.

# Ensure logging systems

* It's also important to remember that every application should have a logging system to collect log messages for identifying any anomalies.
* Anomalies are unique and unexpected events occurring within an application or system.
* An example of an anomaly is an attempt to log in as an administrator of a system without the necessary credentials.
* Logging is considered another security layer: log messages are analyzed and stored for future inspection by application developers.
* Lastly, access to the log messages should not be provided to all system users, but only those who can be trusted and need access for reviewing and analyzing.
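
The anomaly named above, an attempt to log in as an administrator without the necessary credentials, can be detected directly from log messages. The following is an added example, not part of the course material; the key=value log format, the threshold and the window are assumptions, and the log lines are constructed.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample log lines (hypothetical key=value format, not from the course).
SAMPLE_LOG = """\
2024-05-01T10:00:01Z event=login user=alice src=198.51.100.4 result=success
2024-05-01T10:00:05Z event=login user=admin src=203.0.113.7 result=failure
2024-05-01T10:00:09Z event=login user=admin src=203.0.113.7 result=failure
2024-05-01T10:00:14Z event=login user=admin src=203.0.113.7 result=failure
2024-05-01T10:03:00Z event=login user=admin src=198.51.100.9 result=failure
2024-05-01T10:20:00Z event=login user=admin src=192.0.2.10 result=success
malformed line without fields
"""

LINE_RE = re.compile(r"^(\S+)\s+(.*)$")

def parse_line(line):
    """Return a dict of fields plus 'ts', or None if the line is malformed."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    try:
        ts = datetime.strptime(m.group(1), "%Y-%m-%dT%H:%M:%SZ")
    except ValueError:
        return None
    fields = dict(kv.split("=", 1) for kv in m.group(2).split() if "=" in kv)
    fields["ts"] = ts
    return fields

def failed_admin_logins(log_text, threshold=3, window=timedelta(minutes=1)):
    """Return sources with >= threshold failed admin logins inside the window."""
    recent = defaultdict(list)   # src -> timestamps of failures still in the window
    alerts = {}
    for line in log_text.splitlines():
        rec = parse_line(line)
        if not rec or rec.get("event") != "login":
            continue
        if rec.get("user") != "admin" or rec.get("result") != "failure":
            continue
        src = rec.get("src", "unknown")
        times = [t for t in recent[src] if rec["ts"] - t <= window]
        times.append(rec["ts"])
        recent[src] = times
        if len(times) >= threshold:
            alerts[src] = len(times)
    return alerts
```
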

# Intrusion detection

* The final layer of defense is intrusion detection.
* Intrusion detection is the ongoing detection of any cyberattacks, threats, and intrusions that compromise an application or a system.
* The three methods of intrusion detection are **endpoint security, network security, and system-call auditing**.

# Three methods of intrusion detection

Now, let's understand each of the **three methods of intrusion detection**:
* **Endpoint security** protects systems, servers, and various types of devices connected to a network.
* **Network security** monitors a network using network tools such as Nmap and Snort.
* **System call auditing** is the retrieval and review of system call information from a kernel such as the Linux kernel.
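
To illustrate reviewing system call information from the Linux kernel, the following added example (not part of the course material) parses records in the Linux audit log layout and reports system calls the kernel refused for lack of permission. The records are constructed, the function names are hypothetical, and the syscall table is a small x86_64 subset.

```python
import re
import shlex

# Constructed records in the Linux audit log (auditd) layout; all values are made up.
SAMPLE_AUDIT = '''\
type=SYSCALL msg=audit(1714557601.120:101): arch=c000003e syscall=257 success=no exit=-13 ppid=1200 pid=1301 auid=1000 uid=1000 comm="cat" exe="/usr/bin/cat" key="shadow-read"
type=PATH msg=audit(1714557601.120:101): item=0 name="/etc/shadow" nametype=NORMAL
type=SYSCALL msg=audit(1714557655.004:102): arch=c000003e syscall=59 success=yes exit=0 ppid=1200 pid=1310 auid=1000 uid=0 comm="id" exe="/usr/bin/id" key="exec"
type=SYSCALL msg=audit(1714557700.900:103): arch=c000003e syscall=257 success=no exit=-2 ppid=1200 pid=1322 auid=1001 uid=1001 comm="ls" exe="/usr/bin/ls" key=(null)
'''

MSG_RE = re.compile(r"audit\((\d+\.\d+):(\d+)\)")
X86_64_SYSCALLS = {2: "open", 59: "execve", 257: "openat"}  # small subset
DENIED = {-1: "EPERM", -13: "EACCES"}  # exit codes meaning "not permitted"

def parse_record(line):
    """Split one audit record into fields; None if it has no audit(...) stamp."""
    fields = dict(tok.split("=", 1) for tok in shlex.split(line) if "=" in tok)
    m = MSG_RE.search(fields.get("msg", ""))
    if not m:
        return None
    fields["serial"] = int(m.group(2))  # records of one event share a serial
    return fields

def denied_syscalls(audit_text):
    """Return one finding per SYSCALL event refused with EPERM or EACCES."""
    events = {}
    for line in audit_text.splitlines():
        rec = parse_record(line)
        if rec:
            events.setdefault(rec["serial"], []).append(rec)
    findings = []
    for serial, recs in sorted(events.items()):
        sc = next((r for r in recs if r.get("type") == "SYSCALL"), None)
        if not sc or sc.get("success") != "no":
            continue
        errno = DENIED.get(int(sc.get("exit", "0")))
        if errno is None:
            continue  # failed for another reason, such as a missing file
        paths = [r["name"] for r in recs if r.get("type") == "PATH" and "name" in r]
        findings.append({"serial": serial, "auid": sc["auid"], "exe": sc["exe"],
            "syscall": X86_64_SYSCALLS.get(int(sc["syscall"]), sc["syscall"]),
            "errno": errno, "paths": paths})
    return findings
```
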

# Summary

In this video, 
* You learned the importance of security layers and how to secure the four layers of application development.
* You can secure the first layer by:
    * running vulnerability scanners, 
    * running tests, and 
    * auditing web applications before deploying them for production.
* You must secure the Cloud infrastructure or create security groups restricting access to certain Cloud resources.
* It is important to secure the communications layer using SSH, HTTPS, and SSL/TLS.
* If Cloud resources are used for developing applications, Identity and Access Management (IAM) should be configured to secure Cloud assets according to the needs and roles involved in development.
* Lastly, ensure logging systems are in place and safeguard the final layer of defense, that is, intrusion detection and endpoint security.