Back to All Events

Hacking and Securing Cloud Infrastructure


Special Price


$2,195

Ends on Oct 1st

Overview

Whether you are an Architect, Developer, Pentester, Security or DevOps Engineer, or anyone with a need to understand and manage vulnerabilities in a Cloud environment, understanding relevant hacking techniques, and how to protect yourself from them, is critical. This course covers both the theory a well as a number of modern techniques that may be used to compromise various Cloud services and infrastructure.

Prior pentest / security experience is not a strict requirement, however, some knowledge of Cloud Services and a familiarity with common Unix command line syntax will be beneficial. The following is the syllabus for the class:

●      Introduction to Cloud Computing
●      Why cloud matters
●      How cloud security differs from conventional security
●      Types of cloud services
●      Legalities around attacking / pentesting cloud services.
●      Understanding the Attack Surfaces of various Cloud offerings, such as IaaS, PaaS, SaaS, FaaS
●      Exploiting serverless applications
●      Owning cloud machines
●      Attacking cloud services such as storage service or database services
●      Examples and case studies of various cloud hacks
●      Privilege escalation (horizontal and vertical) and pivoting techniques in cloud
●      Obtaining persistence in cloud
●      Exploiting dormant assets : Id’s, services, resources groups, security groups or more
●      Cloud Infrastructure Defense
●      Monitoring and logging
●      Benchmarks
●      Auditing Cloud Infrastructure (Manual and automated approach)
●      Base Images / Golden Image auditing for Virtual Machine / Container Infrastructure
●      Preventive measures against cloud attacks
●      Host-based Defense
●      Using Cloud services to perform defense
●      Ending CTF to reinforce the learning

Price: $2,195