SEC584: SANS Cloud Security Amsterdam 2022

Provided by

Enquire about this course

What You Will Learn

Deploy Securely At The Speed Of Cloud Native

Cloud native infrastructure and service providers are enabling organizations to build and deliver modern systems faster than ever. The end-to-end toolchain supporting the systems includes managed services to create cloud infrastructure, store source code, build containers, and manage clusters. For information security professionals, the attack surface created by these modern systems can be difficult to defend and monitor. SEC584 explores Docker and Kubernetes, key components of the cloud native infrastructure stack, providing in-depth analysis of the attack surface, misconfigurations, attack patterns, and hardening steps. Students will gain hands-on experience building, exploring, and securing real-world modern systems through an offensive lens.

SEC584 starts by painting a portrait of the modern cloud-native infrastructure hosted in Google Cloud. After deploying cloud resources, students examine methods of compromise, walk through attack scenarios, and then shift their focus to defending and remediating infrastructure services. This includes hardening Kubernetes orchestrator and workload configuration, deploying security testing and monitoring software in pipelines and clusters, cryptographically signing images and build pipelines, and applying AppArmor and Seccomp profiles to containerized workloads.

The course then shifts its focus to defending a live Kubernetes deployment. After students identify several Kubernetes weaknesses, hands-on exercises attacking and remediating security and network policies and admission controllers will help them lock down the lab environment. Attacks and controls are threat-modeled to ensure they are applied correctly, tested out-of-band to ensure their efficacy, and applied at multiple stages throughout the pipeline to enhance engineers' productivity and feedback loops.

  • Understand why many cloud native services have evolved quickly and without security as a top consideration
  • Secure containerized applications and defend orchestration workloads
  • Leverage automated testing tools to perform security testing and harden your deployments
  • Use real-world exploits to target key application deployment components
  • Understand the risks involved in running cloud native infrastructure
  • Explore vulnerabilities to cloud native deployments through authentication, pipeline, and supply chain exploits
  • Exploit and then secure application deployments via Docker and Kubernetes
  • Determine how vulnerabilities are exploited and how defenses are designed
  • Printed and Electronic courseware
  • Course virtual machine with all class labs


Start date Location / delivery
14 Mar 2022 Amsterdam Book now

Related article

At GIAC, we believe that hands-on testing is the future of cybersecurity certification. With five certification exams featuring CyberLive , and thr...