Security Engineering on AWS Training

  • Learn via: Classroom / Virtual Classroom / Online
  • Duration: 3 Days
  • We can host this training at your preferred location. Contact us!
Upcoming Training

15 December 2021

3 Days

This course demonstrates how to efficiently use AWS security services to stay secure in the AWS Cloud. The course focuses on the security practices that AWS recommends for enhancing the security of your data and systems in the cloud. The course highlights the security features of AWS key services including compute, storage, networking, and database services. You will also learn how to leverage AWS services and tools for automation, continuous monitoring and logging, and responding to security incidents.

This course allows you to test new skills and apply knowledge to your working environment through a variety of practical exercises.

We recommend that attendees of this course have the following prerequisites:

  • AWS Cloud Practitioner Essentials
  • AWS Security Fundamentals
  • Architecting on AWS
  • Working knowledge of IT security practices and infrastructure concepts
  • Familiarity with cloud computing concepts

This course is intended for:

  • Security engineers
  • Security architects
  • Security operations
  • Information security

In this course, you will learn how to:

  • Assimilate and leverage the AWS shared security responsibility model
  • Architect and build AWS application infrastructures that are protected against the most common security threats
  • Protect data at rest and in transit with encryption
  • Apply security checks and analyses in an automated and reproducible manner
  • Configure authentication for resources and applications in the AWS Cloud
  • Gain insight into events by capturing, monitoring, processing, and analyzing logs
  • Identify and mitigate incoming threats against applications and data
  • Perform security assessments to ensure that common vulnerabilities are patched and security best practices are applied

Intro

  • Welcome and introductions
  • Introduction to Security on AWS


Identifying entry points on AWS

  • Ways to access the platform
  • IAM policies
  • Securing entry points
  • Incident response


Lab - cross-account authentication

Security Considerations - Web Applications

  • Security points in an AWS web application environment
  • Analyse a three-tier application model and identify common threats
  • Assess environments to improve security


Application Security

  • Securing EC2 instances
  • Assess vulnerabilities with Inspector
  • Apply security in an automated way using Systems Manager
  • Isolate a compromised instance


Lab - Assessing Security with Inspector and Systems Manager

Securing Networking Communications - Part 1

  • Apply security best practices to VPC
  • Implement an ELB device as a protection point
  • Protect data in transit using certificates


Data Security

  • Protect data at rest using encryption and access controls
  • AWS services used to replicate data
  • Protect archived data


Security Considerations: Hybrid Environments

  • Security points outside of a VPC
  • Common DoS threats


Monitoring and Collecting Logs on AWS

  • Monitor events and collect logs with CloudWatch
  • Use Config to monitor resources
  • AWS-native services that generate and collect logs


Lab - Server Log Analysis Part 1 - collect logs

Processing Logs on AWS

  • Stream and process logs for further analysis
  • AWS services used to process logs from S3 buckets


Lab - Server Log Analysis Part 2 - analyse logs

Securing Networking Communications - Part 2

  • Identify AWS services used to connect on-premise to AWS
  • Data protection between on-premise and AWS
  • Securely access VPC resources in other accounts


Out-Of-Region Protection

  • Use Route 53 to isolate attacks
  • Implement WAF to protect applications
  • Use CloudFront to deliver content securely
  • Protect applications using Shield


Account Management on AWS

  • Manage multiple accounts
  • Use identity providers / brokers to acquire access to AWS services


Lab - AWS Federated Authentication with ADFS

Security Considerations: Serverless Environments

  • How to secure data in a serverless environment
  • Use Cognito to authorize users
  • Control API access with API Gateway
  • Use AWS messaging services securely
  • Secure Lambda functions


Lab - Monitor and Respond with Config and Lambda

Secrets Management on AWS

  • Manage key and data encryption with KMS
  • Describe how CloudHSM is used to generate and secure keys
  • Use Secrets Manager to authenticate applications


Lab - Using KMS

Security Automation on AWS

  • Deploy security-oriented AWS environments in a reproducible manner
  • Provide management and control of IT services to end-users in a self-serve manner


Lab - Security Automation on AWS with Service Catalog

Threat Detection and Sensitive Data Monitoring

  • Threat detection and monitoring for malicious or unauthorized behaviour
  • Leverage machine learning to gain visibility into how sensitive data is being managed in the AWS Cloud


Contact us for more detail about our trainings and for all other enquiries!

Firms, governments, and organizations from all industries, small or large, are faced with cyber threats, as hackers become more knowledgeable and companies have Cybersecurity vulnerabilities. Companies that do not make the necessary investments in Cybersecurity may encounter both information and financial losses due to cyber-attacks. One of the biggest reasons for this is that many companies are still using old technologies and they are building their new technologies on old security systems. The fact that security systems are not updated and old technologies are used make it easier for internet hackers.
Your salary will depend on your Cybersecurity certification and which Cybersecurity position you work in. Salaries for jobs such as Cybersecurity specialist, Cybersecurity engineer, or Chief Information Security Officer (CISO) will vary according to the employee's experience and the certifications they have. To get a Cybersecurity certification, check out our Cybersecurity courses.
We can explain Cybersecurity as the protection of the security, integrity, and confidentiality of the communication we have established with individuals or institutions in electronic media. Cybersecurity is designed to protect information and communication systems, networks, programs, devices, and data against attacks those who want to damage and steal information. These technologies consist of various processes and controls. You can get more information about Cybersecurity certification by visiting our website and you can take a look at our Cybersecurity courses.
Today, the digitalizing world has shown that cyber attacks have become the biggest problem in terms of Information Security. Millions of online users are attacked and their data compromised every day, but most users and companies are unaware of how to properly protect their computers. For this reason, it is very important for companies to train their employees with Cybersecurity courses at intervals. With the Cybersecurity trainings given by our expert instructors, you can be one step ahead of everyone in terms of Information Security.

Upcoming Trainings

Join our public courses in our Istanbul, London and Ankara facilities. Private class trainings will be organized at the location of your preference, according to your schedule.

15 December 2021

Classroom / Virtual Classroom

Istanbul, Ankara, London
16 December 2021

Classroom / Virtual Classroom

Istanbul, Ankara, London
24 December 2021

Classroom / Virtual Classroom

Istanbul, Ankara, London
25 December 2021

Classroom / Virtual Classroom

Istanbul, Ankara, London
19 January 2022

Classroom / Virtual Classroom

Istanbul, Ankara, London
02 February 2022

Classroom / Virtual Classroom

Istanbul, Ankara, London
14 February 2022

Classroom / Virtual Classroom

Istanbul, Ankara, London
09 March 2022

Classroom / Virtual Classroom

Istanbul, Ankara, London

Related Trainings

Systems Operations on AWS

System Operations on AWS is designed to teach those in a Systems Administrator or Developer Operatio...

  • Classroom
  • Virtual Classroom
  • Online

3 Day