About the course
SEC545: Cloud Security Architecture and Operations
Mon, April 8 - Fri, April 12, 2019
Contents | Additional Info
Instructor: Dave Shackleford
As more organizations move data and infrastructure to the cloud, security is becoming a major priority. Operations and development teams are finding new uses for cloud services, and executives are eager to save money and gain new capabilities and operational efficiency by using these services. But, will information security prove to be an Achilles' heel? Many cloud providers do not provide detailed control information about their internal environments, and quite a few common security controls used internally may not translate directly to the public cloud.
The SEC545 course, Cloud Security Architecture and Operations, will tackle these issues one by one. We'll start with a brief introduction to cloud security fundamentals, and then cover the critical concepts of cloud policy and governance for security professionals. For the rest of day one and all of day two, we'll move into technical security principles and controls for all major cloud types (SaaS, PaaS, and IaaS). We'll learn about the Cloud Security Alliance framework for cloud control areas, then delve into assessing risk for cloud services, looking specifically at technical areas that need to be addressed.
The course then moves into cloud architecture and security design, both for building new architectures and for adapting tried-and-true security tools and processes to the cloud. This will be a comprehensive discussion that encompasses network security (firewalls and network access controls, intrusion detection, and more), as well as all the other layers of the cloud security stack. We'll visit each layer and the components therein, including building secure instances, data security, identity and account security, and much more. We'll devote an entire day to adapting our offense and defense focal areas to cloud. This will involve looking at vulnerability management and pen testing, as well as covering the latest and greatest cloud security research. On the defense side, we'll delve into incident handling, forensics, event management, and application security.
We wrap up the course by taking a deep dive into SecDevOps and automation, investigating methods of embedding security into orchestration and every facet of the cloud life cycle. We'll explore tools and tactics that work, and even walk through several cutting-edge use cases where security can be automated entirely in both deployment and incident detection-and-response scenarios using APIs and scripting.
NOTICE: Additional Student Requirements:
An Amazon Web Services (AWS) account is required to do hands-on exercises during this course! The AWS account must be created prior to the start of class. Your ability to execute the hands-on exercises will be delayed if you wait to set up the AWS account in class. For detailed instructions on setting up your account: https://www.sans.org/media/security-training/laptop/Creating_your_SEC545_AWS_Account.pdf
Estimated additional cost for the week of AWS account usage: $15 - $25
SEC545.1: Cloud Security Foundations
SEC545.2: Core Security Controls for Cloud Computing
SEC545.3: Cloud Security Architecture and Design
SEC545.4: Cloud Security - Offense and Defense
SEC545.5: Cloud Security Automation and Orchestration
The cloud is happening - face it, security teams need to adapt to moving assets to the cloud, and it's happening fast. Unfortunately, many security teams aren't comfortable with the tools, controls, and design models needed to properly secure the cloud, and they need to get up to speed fast. In addition, many DevOps teams are building automated deployment pipelines, and security teams aren't integrated into those workflows. This class is going to help you. We'll take you from A to Z in the cloud, with everything ranging from policy, contracts, and governance to controls at all layers. We'll design cloud architectures, cover IAM and encryption, and look at how offense and defense differ in the cloud. We'll wrap it all up with automation tactics that will help you work effectively with the DevOps teams, and build a sustainable cloud security program in your environment.
- Dave Shackleford
|Start date||Location / delivery|
|08 Apr 2019||London|
|23 Sep 2019||London|