AWS Security Review: June 2020

Overview

Ever more enterprises are moving their operations to the cloud, with AWS being the largest player in the market at present. But how can you be sure the cloud environment is safe against hackers?

The information provided in this course will be useful for both penetration testers and AWS infrastructure engineers, covering interesting attack vectors and detail on how a healthy AWS environment should be configured to prevent, mitigate and identify attacks.

The course can also be beneficial for those already studying for, or planning to achieve the AWS Certified Security Speciality exam.

This course runs on the 4th and 5th of June 2020 at the Novotel London West, London.

Important Info

Courses are confirmed with trainers 3 weeks prior to the event based upon a minimum number of attendees. If minimum numbers aren’t met the course will be cancelled. If this happens you can choose another course, have credit issued against a future booking or a full refund.

Book Now!

SKU 44CON-J20-TRN-AWS Category Tags , , ,

In stock

£1,600.00

Description

NCC Group’s AWS security review training is a focused course for security consultants and cloud architects interested in learning how to assess the main elements of a cloud environment based in AWS.

The course will cover the techniques and tools necessary to perform a thorough security review and provide an understanding of the major risks, along with the best security practices that should be considered when designing a cloud infrastructure.

£1,600.00Add to cart

Agenda

  • Introduction to AWS basics
  • Hands on with the AWS command line and tools such as Scout Suite, CloudMapper and Prowler
  • AWS networking and common issues
  • Identity and Access Management (IAM) in-depth including sample policies and interesting attack vectors
  • The EC2 service and finding credentials in metadata
  • Protecting files stored on S3 and common attacker vectors
  • Relational Database Service (RDS)
  • Monitoring and logging
  • Scripting with AWS
  • Applied practical exercises throughout the course

Who Should Take This Course

This course is ideally suited for security consultants and cloud architects interested in learning how to assess the main elements of a cloud environment based in AWS.

What Students Should Bring

  • Participants are expected to have some familiarity with Linux, the Linux command line and basic IP networking knowledge
  • Attendees should bring a laptop with an SSH client installed. The laptop should not have any corporate security software which restricts Internet access or forces use of a corporate proxy server for browsing
  • Recommended setups are: Python installed on Linux, MacOS, Windows with WSL or MobaXTerm (Putty is possible but requires extra setup)

What Students Will Be Provided With

Modular slide deck of the training material.

£1,600.00Add to cart

About The Trainer

Daniele has worked at NCC Group since 2008, he has great experience with various type of security assessments, including network infrastructure, cloud platforms and application security.

He is also the lead of the Cloud practice for the Technical Security Consultancy division – he is responsible for bringing together the various technical skills around assessing infrastructure and applications in the cloud, creating internal methodologies, developing and delivering internal training and performing research around cloud platforms.

Daniele holds the AWS Certified Security – Specialty and CREST CCT Certification in application security testing.