Training: AWS Cloud Security
Ever more companies are increasingly relying on cloud services, whether in a cloud-first or hybrid strategy. Quite often, this allows agility, scalability and team autonomy that cannot be realized with classic IT infrastructures. But cloud environments are complex and have dozens of services, all interacting with each other in different ways. Often the autonomy that project teams have means a loss of central control as well. Nevertheless, or precisely because of the simplicity, speed and independence in setting up systems and putting them into productive operation in cloud environments without the involvement of other parties such as corporate IT, more and more business-critical applications or sensitive data are also ending up in the cloud. For the reasons mentioned, it is essential for the operation of own systems and services in the cloud to secure them in order to protect the systems and data from unauthorized access. This training course deals with how to do this for AWS – how to use AWS services securely, how to avoid common security mistakes, and thus how to protect the company’s own systems and data in the cloud from hacker attacks.
What do attendees learn in the training course?
This training course covers the most common security pitfalls and security issues in setting up and operating cloud environments in AWS. It reviews the interaction of various, often interconnected, AWS services for security risks, discusses best practices, and identifies risks. Participants learn which AWS services are particularly sensitive, how to detect attacks on their own cloud infrastructure, and how infrastructure, applications, and cloud services are interconnected. It also discusses multi-step attack chains that cross the above layers.
What are the contents?
- Presentation of key security-critical AWS services and associated risks.
- Best practices regarding secure IAM
- Best practices regarding the secure handling of credentials, tokens and keys
- General security best practices in AWS
- Secure segmentation of cloud resources
- Dealing with autonomous teams and their impact on overall security
- Security logging, monitoring, and alerting in AWS
- Security policies, roles, and permissions
- Interaction of infrastructure, applications, as well as cloud services and security risks from them
What is the target audience (prior knowledge etc.)?
Cloud engineers, cloud architects, DevOps personnel, and other technical staff and leaders who have prior experience using AWS. Participants must bring their own laptops with current versions of awscli and terraform installed.
How long does the training take?
Duration: 2 days