Training Course | Cloud Security

Learn how to secure software deployed into cloud environments

Cloud Security is a training course that offers delegates a comprehensive understanding of how to secure software applications deployed in cloud environments, focusing on the challenges and advantages of utilising serverless solutions.

Course Information

Duration: 2-3 Days

Location: Virtual | Classroom

Skill Level: Intermediate

Learning Outcomes

  • How to identify & mitigate threats to cloud-based infrastructure
  • Consistent vocabulary and structure for discussing and managing security concerns
  • Understand the process of prevention, detection, recovery

Course Outline

This course will provide anyone building applications natively for the cloud (developers, architects, DevOps and DevSecOps) with a practical understanding of securing software deployed into cloud environments including an understanding of the issues and opportunities presented by serverless solutions.

An eye-opening to understand all the vulnerabilities that exist. Even though we have security reps within the company this would make you think there is a need for specially trained staff whose sole focus is that.

Course Attendee


Delegates will complete training in the following modules.

1. Introduction
  • Vulnerability landscape for IaaS, SaaS and PaaS Current threats.
  • Shared Responsibility Model
  • Principle of Least Privilege
2. Microservices and Serverless
  • Monolith to microservice to serverless
  • Removing expensive and redundant servers
3. Managed Services
  • Secrets Manager
  • KMS
  • IAM
  • Guard Duty
  • Security tooling
4. Infrastructure as Code
  • Some examples
  • Some bad examples
  • CDK
5. Securing infrastructure
  • Securing access to your cloud environments including effective use of IAM technologies, certificates and secrets
  • Understanding least privileged access in cloud environments
  • Effective IAM policies, roles & groups
6. Authentication & Authorisation
  • Exploration of Authentication and Authorisation methods and technologies
  • Use of cloud specific systems including: Cognito, OAUTH2 and JWT
  • Preventing lateral movement
7. Logging
  • Effective logging techniques
  • Retention policies
  • How, what and where to log
  • Alerting - links into the below
8. Finding vulnerabilities - Competition
  • Understanding flaws
  • Scanning infrastructure automating vulnerability scanning
9. Tools to Help

Use of technologies to provide oversight to the cloud environment including automating protective actions
Working with solutions including:

  • AWS Config
  • Shield
  • GuardDuty
  • Service Control Policies
  • WAR - Well Architected Review - AWS

Further Learning

Looking to continue on your learning path? The following courses are ideal as follow-on courses to Cloud Security.

Need help?

Email Us
email hidden; JavaScript is required

Or send us a quick message

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.