ASWEN.png

AWS Cloud Security

This course will be a whole week of learning how to design and deploy critical infrastructure in the cloud. You will learn the different building blocks of AWS and how security modelling principles apply across all cloud deployments. You will become skilled in how to identify security misconfigurations and how to exploit them.
You will also take the time to learn key technologies available to you within AWS to detect and identify vulnerabilities, potential compromise and identify bothersome attacks. This course will focus primarily on AWS and the standard technologies deployed in the cloud.
This course is designed to take you from “Zero to Hero”.

Who is the AWS Cloud Security for?

  • IT professionals are already operating and securing AWS environments.

  • Penetration testers are looking to understand how cloud and containers work.

  • Developers are looking to secure their applications when running in the cloud and anyone else looking to upskill into modern platform technologies.

Learning Objectives

  • Understand the architecture of AWS

  • Understand Identity and Access Management IAM, the underpinning and crucial to know authentication and authorisation within AWS.

  • Become familiar with networking within cloud environments and all its advantages and limitations

  • Learn about AWS specific service offerings and how they interact

  • Gain practical experience in auditing an AWS environment to identify common and preventable misconfigurations

  • Understand how to exploit identified vulnerabilities

  • Learn how traditional penetration testing techniques are applied to cloud services

  • Deep dive into containers, how they work and typical misconfigurations

  • Practically exploit container misconfigurations to attack host services.

  • Understand serverless environments within AWS and how they can be exploited

  • Practically exploit vulnerable serverless functions through the API Gateway.

  • How to laterally move between exposed cloud services

  • How to detect malicious activity and implement proactive counter-measures

  • Get an overview of security controls and services available within AWS.