This class takes you through the initial steps of engineering and architecting to become a Cloud Security Engineer and architect. Over two days, we will get our hands dirty in cloud environments and learn about architectural patterns. The class goes into the details of Microsoft Azure and Amazon Web Services from a security perspective. We will learn reference architectures, how to design secure cloud environments, and preparing for incident response. At the end of the course, we will summarize our learnings into defining a cloud security strategy and roadmap.
- Public Cloud Security Fundamentals
- Similarities and important differences between public clouds
- Security Services
- Identity and Access Management
- Security Architecture Patterns
- Infrastructure as Code
- Language options and comparison
- Securing Infrastructure as Code
- Designing, building, and securing a deployment pipeline
- Cloud Security Engineering
- Protecting integrity in code repositories
- Hands-on lab: Building a secure deployment pipeline
- Deploying secure artifacts
- Securing workloads in the cloud
- Incident Response
- Planning for Incident Response in Cloud environments
- Hands-on lab: Incident Response in the Cloud
- Cloud Security Strategy
Who Should Attend
- Practitioners that are new to the cloud or want to become more proficient at cloud security concepts.
What You Need
- An Azure subscription OR a personal email and a credit card that can be used (we will not spend more than ~10 USD during the lab. Clear instructions for deleting resources will be provided).
- A computer with Git, PowerShell Core and Azure CLI installed.
- Knowing Git and basic Scripting is a benefit but not required.
Karim Elmelhaoui Security Analyst,
Karim is a seasoned and renowned thought leader within cloud security. At O3 Cyber, he conducts research and development and works with our clients, primarily in Financial Industry. Karim has a background in building and operating platform services for security on private and public clouds, developing and executing a cyber security strategy for the world's largest sovereign wealth fund, and overseeing the execution of adapting a traditional security organization to a 'cloud operating model.'