With the rapid adoption of cloud-hosted infrastructure, there is an innate need for skilled personnel to persistently defend organizations against threats. While AWS onboarding is relatively streamlined, the continuous security of AWS infrastructure and its services is an entirely different ball game.
The massive adoption of cloud services with ever-growing numbers of AWS services has left the security team with the lion’s share of work to identify, analyze and secure an organization’s assets across cloud infrastructure. Multiple cloud accounts have added more stress to the whole equation of securing cloud infrastructures. The security team has to cater to the growth and adoption of different services in the cloud and make sure that there is no hole left to get into the infrastructure and do the lateral movement.
This training approaches cloud security with a multi-layer approach by understanding the perimeter of assets/services, implementing cloud-native security services, and getting into the detailed security of the important resources.
While we are performing secure implementation of AWS resources/services, the hardening of OS, CI/CD, Containers, and Kubernetes clusters also become an integral part of the security team’s realm.
“As many services” is directly proportional to “As many avenues to abuse”!
While cloud-native security solutions are relatively easier to implement and are optimized as per their respective environments, the training doesn’t limit the security to cloud-native solutions. This training gives an equal amount of open-source options to implement a similar or better security posture without depending on cloud-native security services and enables the organization to have more granular control over the security of its infrastructure.
- Introduction to AWS and its services
- Roles vs Policy
- Auditing cloud resources
- AWS Trusted Advisor
- AWS Guard Duty
- AWS Inspector
- Setting up AWS WAF and understanding its limitations
- WAF testing
- Subdomain takeover detection
- Setting up a SIEM
- Hardening OS
- Secret/Sensitive Key Detection in code
- Docker Security
- Kubernetes Security
Why is this class needed?
- While the industry has aggressively adopted AWS infrastructures, the security up-skilling hasn’t happened at the same pace. This training is aimed at bridging this gap. ● The training focuses more on practical and hands-on exercises where participants can play around and acquire the skill set required to successfully manage cloud security for their organizations.
- Security posture management of AWS
- Cloud attack vectors and their implications
- Leveraging open sources for granular control of security
Security Analysts, System Administrators, Pen Testers, Cloud Engineers, DevOps Engineers, or anyone interested in securing AWS
Audience Skill Level – Beginner/Intermediate
What You’ll Need to Bring to the Class
- Basic understanding of linux, SSH, SCP, and git
- A working personal AWS account, with a credit card attached to it
- A laptop with unfiltered internet access and administrative privileges (to install tools), with a minimum of 4GB RAM
What You’ll Receive as Part of the Class
- Practice Materials
- Cheat Sheets for securing AWS infrastructure
Jayesh Singh Chauhan is a security professional with 11 years of experience in the security space and he is the founder of Cloud Village at DEF CON. In the past, he has been part of the security teams of PayPal, PwC, and was the Director of Product Security at Sprinklr Inc. He has been a trainer at conferences like Blackhat USA, AppSec NZ, nullcon, and has trained defense forces. He has also authored Cloud Security Suite, OWASP Skanda, RFID_Cloner, and
has presented his work in BlackHat Arsenal(USA, EU Asia), DEF CON DemoLabs, HackMiami, c0c0n, OWASP Global, and OffZone Moscow.