This 2-day course cuts through the mystery of cloud services (including AWS, Azure and G-Cloud) to uncover the vulnerabilities that lie beneath. We will cover a number of popular services and delve into both what makes them different, plus what makes them the same, as compared to hacking and securing a traditional network infrastructure.
Attendees will gain an understanding of the following topics:
- Introduction to Cloud Computing
- Why cloud matters
- How cloud security differs from conventional security
- Types of cloud services
- Shared responsibility model
- Legalities around attacking / pen testing cloud services.
- Understanding the Attack Surfaces of various Cloud offerings, such as IaaS, PaaS, SaaS, FaaS
- Enumerating Cloud Services
- Understanding metadata APIs
- Exploiting serverless applications
- Owning cloud machines
- Attacking cloud services such as storage service or database services w.r.t different providers
- Examples and case studies of various cloud hacks
- Privilege escalation (horizontal and vertical) and pivoting techniques in cloud
- Obtaining persistence in the cloud and performing post-exploitation
- Exploiting dormant assets: Id’s, services, resources groups, security groups and more
- Cloud Infrastructure Defence
- Monitoring and logging
- Auditing Cloud Infrastructure (Manual and automated approach)
- Base Images / Golden Image auditing for Virtual Machine / Container Infrastructure
- Preventive measures against cloud attacks
- Host-based Defence
- Using Cloud services to perform continuous monitoring and defence
- Ending CTF to reinforce the learning
Who should take this course?
Cloud Administrators, Developers, Solutions Architects, DevOps Engineers, SOC Analysts, Penetration Testers, Network Engineers, security enthusiasts and anyone who wants to take their skills to the next level.
Prior pen test experience is not a strict requirement, however, some knowledge of Cloud Services and familiarity with common command line syntax will be greatly beneficial.