Training Course | Cloud Security
Learn how to secure software deployed into cloud environments
Cloud Security is a training course that offers delegates a comprehensive understanding of how to secure software applications deployed in cloud environments, focusing on the challenges and advantages of utilising serverless solutions.
Duration: 2-3 Days
Location: Virtual | Classroom
Skill Level: Intermediate
- How to identify & mitigate threats to cloud-based infrastructure
- Consistent vocabulary and structure for discussing and managing security concerns
- Understand the process of prevention, detection, recovery
This course will provide anyone building applications natively for the cloud (developers, architects, DevOps and DevSecOps) with a practical understanding of securing software deployed into cloud environments including an understanding of the issues and opportunities presented by serverless solutions.
An eye-opening to understand all the vulnerabilities that exist. Even though we have security reps within the company this would make you think there is a need for specially trained staff whose sole focus is that.
Delegates will complete training in the following modules.
- Vulnerability landscape for IaaS, SaaS and PaaS Current threats.
- Shared Responsibility Model
- Principle of Least Privilege
2. Microservices and Serverless
- Monolith to microservice to serverless
- Removing expensive and redundant servers
3. Managed Services
- Secrets Manager
- Guard Duty
- Security tooling
4. Infrastructure as Code
- Some examples
- Some bad examples
5. Securing infrastructure
- Securing access to your cloud environments including effective use of IAM technologies, certificates and secrets
- Understanding least privileged access in cloud environments
- Effective IAM policies, roles & groups
6. Authentication & Authorisation
- Exploration of Authentication and Authorisation methods and technologies
- Use of cloud specific systems including: Cognito, OAUTH2 and JWT
- Preventing lateral movement
- Effective logging techniques
- Retention policies
- How, what and where to log
- Alerting - links into the below
8. Finding vulnerabilities - Competition
- Understanding flaws
- Scanning infrastructure automating vulnerability scanning
9. Tools to Help
Use of technologies to provide oversight to the cloud environment including automating protective actions
Working with solutions including:
- AWS Config
- Service Control Policies
- WAR - Well Architected Review - AWS
Looking to continue on your learning path? The following courses are ideal as follow-on courses to Cloud Security.
Or send us a quick message