sergiiblog.com Explore topics
DevSecOps • AWS WAF & CloudWatch

Secure Your AWS Web Apps — Fast, Practical, Proven

Hands-on training that shows exactly how to configure AWS WAF, analyze attacks with Athena, use CloudWatch as detector of abnormal hacker's behavior.

4.7 rating (207 reviews)
👨‍🎓 16,029 students
📅 Updated July 2025
🛡️ Udemy 30-day guarantee
Get the best price now Watch a free preview
Coupon: AWSWAF-SEP-01
Use the link below — discount applies automatically on Udemy.
--
Learn how to configure deploy and configure AWS WAF
Set up WAF black/white lists, rate limiting, managed and custom rules
Analyze WAF logs with Athena & build CloudWatch alerts
Cyber thread analysis basics, DevSecOps tips and tricks
Enroll with discount
See it in action

A 4-minute intro to the course. Preview a real lesson before you join.

Curriculum snapshot

6+ hours on-demand • lifetime access • hands-on labs

  • Flask app - local environment
  • Flask app - code overview, how application works
  • Flask app - custom exceptions
  • Flask app - logging
  • Terraform installation with tfenv
  • AWS profile and terrafrom configuration
  • Running terraform scripts - essential introduction
  • Applying terraform - Part 1: pre init and network terrafrom modules
  • Applying terraform - Part 2: AWS ALB and AWS Certificate Manage,
  • Build docker image and push it to the AWS ECR
  • Applying terraform - Part 3: flask application at EC2 using auto scaling group
  • Applying terraform - Part 4: add EC2 to AWS ALB as target group
  • What is WAF and how it works
  • AWS WAF managed rules as first step
  • AWS WAF managed rules and count mode
  • AWS WAF logs and test data set
  • Initial Athena-WAF configuration
  • Athena - running first query, WAF logs structure, Athena pricing
  • How to analyse WAF log’s data with Athena queries - part 1
  • How to analyse WAF log’s data with Athena queries - part 2
  • AWS WAF managed rules configuration methodology and rules versions
  • AWS WAF managed rules in action
  • AWS WAF - custom white and black lists - part 1
  • AWS WAF - custom white and black lists - part 2
  • AWS WAF and custom regex pattern set
  • AWS WAF rate rules introduction
  • How to calculate rate thresholds for application using Athena and ALB logs
  • AWS WAF rate rules in practice - part 1
  • AWS WAF rate rules in practice - part 2
  • AWS WAF metrics and alarms
  • AWS WAF priority
  • Why AWS WAF is not a silver bullet
  • How to use CloudWatch logs
  • Understanding Application logs with CloudWatch Logs Insights and Dashboards
  • Custom CloudWatch metrics and alerts as sensitive detector of abnormal behavior
  • Cyber threat analysis workflow - part 1
  • Cyber threat analysis workflow - part 2
  • Analyse data at Excel - part 1
  • Analyse data at Excel - part 2
  • Security defense framework
  • Cyber Security Questionnaire
Get discount & start now
What students say
“The knowledge I gained about threat analysis using Athena is priceless. It’s a technique I can use for both current projects and future security audits, helping me stay one step ahead of potential threats.”
— Ryan S.
“Yes, this course was a great match for me. It provided clear and practical insights into securing web applications using AWS WAF and CloudWatch. The instructor explained concepts well, and the hands-on exercises helped reinforce my understanding.”
— Lucky S.
“This course has been an excellent introduction to securing AWS-hosted web applications. Sergii made complex security concepts accessible, and I feel equipped to implement secure practices in my own projects.”
— William F.
Meet your instructor

Sergii Demianchuk — 18+ year’s experience as a software engineer.CTO & System Architect. Taught 35k+ students worldwide.

  • Real production experience with AWS WAF & CloudWatch
  • Practical, copy-paste-ready configurations
  • Fast support via Q&A

Zero risk: Udemy’s 30-day money-back guarantee.

Secure checkout on Udemy. Lifetime access. Certificate of completion.

Enroll with coupon
Frequently asked

Basic AWS familiarity helps, but the course starts from first principles and builds up quickly. But you need to have active AWS account and some active web domain

Yes. Lifetime access on Udemy, all future updates included.

It’s a structured, end-to-end path with labs, configs, and real attack analysis — not random snippets.

Ready to secure your AWS apps? Get the best price