SEC588: SANS London November 2022

Provided by

Enquire about this course

What You Will Learn

Aim Your Arrows To The Sky And Penetrate The Cloud

You have been asked to perform a Red Team penetration test assessment. The assets are located mainly in the cloud. What if you have to assess Azure Active Directory, Amazon Web Services (AWS) workloads, serverless functions, or Kubernetes? In this course, you will learn the latest penetration testing techniques focused on the cloud and how to assess cloud environments.

Computing workloads have been moving to the cloud for years. Analysts predict that most if not all companies will have workloads in public and other cloud environments very soon. While organizations that start in a cloud-first environment may eventually move to a hybrid cloud and local data center solution, cloud usage will not decrease significantly. So when assessing organizations' risks going forward, we need to be prepared to evaluate the security of cloud-delivered services.

The most commonly asked questions regarding cloud security are "Do I need training for cloud-specific penetration testing?" and "Can I accomplish my objectives with other pen test training and apply it to the cloud?" The answer to both questions is yes, but to understand why, we need to address the explicit importance of conducting cloud-focused penetration testing. In cloud-service-provider environments, penetration testers will not encounter a traditional data center design. Specifically, what we rely on to be true in a formal setting such as who owns the Operating System and the infrastructure, and how the applications are running will likely be very different. Applications, services, and data will be hosted on a shared hosting environment unique to each cloud provider.

SEC588: Cloud Penetration Testing draws from many skill sets that are required to properly assess a cloud environment. If you are a penetration tester, the course will provide a pathway to understanding how to take your skills into cloud environments. If you are a cloud-security-focused defender or architect, the course will show you how the attackers are abusing cloud infrastructure to gain a foothold in your environments.

The course dives into topics of classic cloud Virtual Machines, buckets, and other new issues that appear in cloud-like microservices, in-memory data stores, files in the cloud, serverless functions, Kubernetes meshes, and containers. The course also covers Azure and AWS penetration testing, which is particularly important given that AWS and Microsoft account for more than half of the market. The goal is not to demonstrate these technologies but rather to teach you how to assess and report on the actual risk that the organization could face if these services are left insecure.


Start date Location / delivery
07 Nov 2022 London Book now

Related article

At GIAC, we believe that hands-on testing is the future of cybersecurity certification. With five certification exams featuring CyberLive , and thr...