25,000+ Courses Nationwide
0345 4506120

Hacking and Securing Cloud Infrastructure

This 2-day course cuts through the mystery of Cloud Services (including AWS, Azure and G-Cloud) to uncover the vulnerabilities that lie beneath. We will cover a number of popular services and delve into both what makes them different, and what makes them the same, as compared to hacking and securing a traditional network infrastructure.

Designed for Cloud Administrators, Developers, Solutions Architects, DevOps Engineers, SOC Analysts, Penetration Testers, Network Engineers, Security Auditors, security enthusiasts and anyone who wants to take their skills to next level.

Select specific date to see price, venue and full details.

Learning Objectives

Whether you are an Architect, Developer, Pentester, Security or DevOps Engineer, or anyone with a need to understand and manage vulnerabilities in a Cloud environment, understanding relevant hacking techniques, and how to protect yourself from them, is critical. This course covers both the theory a well as a number of modern techniques that may be used to compromise various Cloud services and infrastructure.

Pre-Requisites

Prior pentest / security experience is not a strict requirement, however, some knowledge of Cloud Services and a familiarity with common Unix command line syntax will be beneficial.

Course Content

Introduction to Cloud Computing:

  • Introduction to cloud and why cloud security matters
  • Comparison with conventional security models
  • Shared responsibility model
  • Legalities around Cloud Pentesting

Enumeration of Cloud environments:

  • DNS based enumeration
  • OSINT techniques for cloud-based asset

Gaining Entry in Cloud Environment:

  • Serverless based attacks (AWS Lambda / Azure & Google functions)
  • Web application Attacks
  • Exposed Service ports

Attacking Specific Cloud Services:

  • Storage Attacks
  • Azure AD Attacks
  • Containers and Kubernetes Clusters
  • IAM Misconfiguration Attacks
  • Roles and permissions-based attacks
  • Attacking Cognito misconfigurations

Post – Exploitation:

  • Persistence in Cloud
  • Post exploit enumeration
  • Snapshot access
  • Backdooring the account

Auditing and Benchmarking of Cloud:

  • Preparing for the audit
  • Automated auditing via tools
  • Golden Image / Docker image audits
  • Relevant Benchmarks for cloud

Defence - Identification of cloud assets:

  • Inventory Extraction for AWS, Azure and GCP
  • Continuous inventory management

Defence - Protection of Cloud Assets:

  • Principle of least privilege
  • Control Plane and Data Plane Protection
  • Financial Protections
  • Metadata API Protection
  • Cloud specific Protections
  • Windows / Linux IaaS auditing

Defence - Detection of Security issues:

  • Setting up Monitoring and logging of the environment
  • Identifying attack patterns from logs
  • Monitoring in multi-cloud environment

Defence - Response to Attacks

  • Automated Defence techniques
  • Cloud Defence Utilities
  • Validation of Setup

Related Courses

Privacy Notice

In order to provide you with the service requested we will need to retain and use your contact information in accordance with our Privacy Notice. If you choose to provide us with this information you explicitly consent to us using the information as necessary to provide the requested service to you. If you do not agree please do not proceed to request the service from us.

Marketing Permissions

Would you like to receive our newsletter and other information on products and services which we think will be of interest to you by email. We will always treat your information with care and in accordance with our Privacy Notice. You are free to withdraw this permission at any time.

 

We work with the best