Overview
Program Structure
Book Now
FAQs

Course Overview:

Cloud computing is the use of hardware and software resources that are delivered as a service typically over the Internet. It entrusts remote services with user's data, software and computation.

Although there are numerous business advantages and opportunities offered by cloud computing in terms of improved availability, scalability, flexibility etc., it is important to tap its business potential carefully. Securing the client data in the "cloud" must be the prime concern for the cloud service provider. Legal concerns over jurisdiction of client data in “cloud” needs to be addressed properly. This is because the stored data may not reside with service provider in its own data center or at a single location.

In this Course, we are going to learn about common cloud misconfigurations, how to perform a risk assessment and verify compliance for various Cloud Services. Further, we will delve deeper into identifying security risks in these cloud services and to implement best practices to mitigate the common cloud misconfigurations. Also, we will jumpstart into the compliance aspect based on well-known standards like NIST, OWASP, Cloud Security Alliance etc., along with their automations.

Intended Audience:

  • Entrepreneurs, Business Owners
  • Cloud Solutions Providers, Senior Managers
  • Security Automation Team
  • DevSecOps & Devops Team
  • Aws & Azure Professionals
  • Developers
  • Compliance team
  • Risk Management Professionals
  • Security Enthusiasts

Course Content

  • Cloud Introduction:

    • Introduction to cloud
    • Introduction to virtualization
    • Cloud Service Models
    • Cloud Industry Standards
    • Security Challenges
    • Introduction to Cloud Vendors (Aws &Azure)
    • Cloud Access Security Broker

     

    Cloud Migration Challenges:

    • Cloud Breach Case Study
    • Virtualization security Issues
    • Risk Assessment on Cloud Migration
    • OWASP Top 10 Threats
    • Planning Secure Migration

     

    Cloud Infrastructure Security

    • Cloud Configuration & Patch Management
    • Cloud Change management
    • Cloud Infrastructure Audit (Intro, Audit, Best Practice)
      • Aws – VPC, EC2
      • Azure - ARM, NSG
    • Demo- Aws cli & PowerShell & Amazon, Azure portal

     

    Cloud Data Security:

    • Data Protection (rest, at transit, in use)
    • Data Information lifecycle
    • Cloud Data Audit (Intro, Audit, Best Practice)
      • Aws – EBS, S3
      • Azure – SAS
    • Demo-Aws cli & PowerShell & Amazon, Azure portal
    • Key management
    • Cloud Key management Audit (Intro, Audit, Best Practice)
      • Aws –KMS
      • Azure – Azure Key Vault
    • Demo -Aws cli & PowerShell & Amazon, Azure portal

    Identity and Access Management:

    • Introduction to Identity and Access Management
    • Introduction to Federated Identity Management
    • Case Study
    • Cloud IAM Audit (Intro, Audit, Best Practice)
      • Aws –IAM
    • Demo -Aws Cli & Amazon portal

     

    Cloud Application Security:

    • Cloud Application Challenges
    • OWSAP Top 10
    • Secure SDLC
    • DevSecOps
    • Introduction to Cloud watch, Cloud Trail
    • Security automation – Cloud Trail, Cloud watch, Lambda

     

    Cloud Compliance, Policy, Governance:

    • Cloud Policy
    • Cloud SLA
    • Cloud Risk Management
    • Cloud Compliance
      • Legal, Privacy and Geographic Issues
      • Cloud Compliance Standards
      • Cloud Compliance Discussion with CSA CCM & CAI
    • Cloud Compliance Audit (Intro)
      • Azure-Security Center
    • Demo- Azure portal

     

     

    Cloud Incident Response & Intrusion Detection & BCP/DR:

    • BCP/DR Issues
    • Cloud Intrusion Detection
    • Cloud Forensics Challenges
    • Cloud Incident Response
    • Use Case -Aws
    • Cloud Pen testing

Q: When are the courses held?
A: The courses are scheduled monthly throughout the year.

Q: What do I take away from the course?
A: As well as the skills to use the product, you also receive a comprehensive workbook and a certificate of attendance.

Q: Do I get a course manual to keep?
A: Yes, you receive a comprehensive workbook.

Q: Where are the classroom training courses held?
A: The courses are all held in Parramatta, Sydney.

Q: Is the training practical or theory based?
A: Both. All of our course combine practical demonstrations and theory. You will have a sole use of a laptop throughout the course and can practice what you have learnt at the end of each chapter.

Q: Do I need to bring a laptop?
A: Yes, it is required to help you start from scratch on your own machine.

Q: Is there an exam?
A: You do not sit an exam at the end of the course.

Q: What qualification will I get?
A: You will receive a certificate of attendance.

Q: Do I need any previous practical experience?
A: This depends on the course you choose to take. All of our Introductory and Complete courses require no prior knowledge. If you are considering attending an Advanced course, but have not sat the basic course, then you will be expected to have relevant practical experience in the tool.

Q: Do you offer on-site training?
A: Yes, all of our courses can be delivered as on-site courses. We provide all laptops, projector, workbooks and certificates. We can also deliver on-line training just for your company with a schedule to suit you.

Q: Do you offer post course support?
A: Yes, in two ways; firstly, all our trainers can help with initial queries you may have when using the tools post-course via email. Secondly we also provide short-term on-site internship.