Cloud Application Security Training in Hong Kong

  • Learn via: Classroom / Virtual Classroom / Online
  • Duration: 2 Days
  • Price: Please contact for booking options
We can host this training at your preferred location. Contact us!

This course provides delegates with a practical understanding of securing software deployed into cloud environments including understanding of the issues and opportunities presented by serverless solutions.

In this new world attackers have moved with the times, shifting focus more than ever on finding vulnerabilities in your applications and cloud implementations rather than vulnerabilities in your infrastructure.

The course builds on our Internet Security course, but is designed for anyone building applications natively for the cloud (developers, architects, DevOps and DevSecOps).


About The Trainer

Simon Whittaker has been providing security services & training to both local organisations and some of the world’s largest companies for over 10 years.

Simon’s background in both development & System/Network Administration provides a great view on how best to compromise and secure required services & applications while also ensuring that training courses, content & practicals can be aimed at the right audiences.

Most of Simon’s work involves working with companies to test and improve secure coding practices, penetration & security testing and providing security consultancy to companies that are keen to improve their processes & procedures.

Simon also has great experience in developing & implementing efficient and effective practices across departments to assist with securing and retaining external quality recognition such as ISO27001.


An introductory course ideal for developers at all levels. The course is mixture of demonstrations, horror stories and practical work for completion by the trainees.

  • Learn how attackers are moving from finding vulnerabilities in your infrastructure to finding vulnerabilities in applications
  • Learn reliable and resilient authentication methods in the era of microservices and serverless architectures
  • Learn how to mitigate risk through detailed threat modeling at the application layer

Introduction

  • Vulnerability landscape for IaaS, SaaS and PaaS
  • Current threats

Microservices and Serverless

  • Monolith to microservice to serverless
  • Removing expensive and redundant servers

Securing infrastructure

  • Securing access to your cloud environments including effective use of IAM technologies, certificates and secrets
  • Understanding least privileged access in cloud environments
  • Effective IAM policies, roles & groups
  • Container security
  • Defence in depth
  • Security by design

Finding vulnerabilities

  • Understanding flaws
  • Scanning infrastructure
  • Automating vulnerability scanning

Logging

  • Effective logging techniques
  • Retention policies
  • How, what and where to log

Tools to help

  • Use of technologies to provide oversight to the cloud environment including automating protective actions
  • Working with solutions including: AWS Config, Shield and GuardDuty

Authentication & Authorisation

  • Exploration of Authentication and Authorisation methods and technologies
  • Use of cloud specific systems including: Cognito, OAUTH2 and JWT
  • Preventing lateral movement

Threat modelling serverless applications

  • Discovering critical paths
  • Reducing reliance and increase resilience
  • Building Security Redundancy into your architecture
  • Importance of Application layer threat modelling
  • Discovering and building data flows


Contact us for more detail about our trainings and for all other enquiries!

Upcoming Trainings

Join our public courses in our Hong Kong facilities. Private class trainings will be organized at the location of your preference, according to your schedule.

06 January 2025 (2 Days)
Hong Kong, Kowloon, Tsuen Wan
Classroom / Virtual Classroom
06 January 2025 (2 Days)
Hong Kong, Kowloon, Tsuen Wan
Classroom / Virtual Classroom
01 March 2025 (2 Days)
Hong Kong, Kowloon, Tsuen Wan
Classroom / Virtual Classroom
16 March 2025 (2 Days)
Hong Kong, Kowloon, Tsuen Wan
Classroom / Virtual Classroom
19 March 2025 (2 Days)
Hong Kong, Kowloon, Tsuen Wan
Classroom / Virtual Classroom
19 March 2025 (2 Days)
Hong Kong, Kowloon, Tsuen Wan
Classroom / Virtual Classroom
01 March 2025 (2 Days)
Hong Kong, Kowloon, Tsuen Wan
Classroom / Virtual Classroom
16 March 2025 (2 Days)
Hong Kong, Kowloon, Tsuen Wan
Classroom / Virtual Classroom
Cloud Application Security Training Course in Hong Kong

Hong Kong is officially known as the Hong Kong Special Administrative Region of the People's Republic of China (HKSAR) and is a city and special administrative region of China on the eastern Pearl River Delta in South China. Hong Kong is one of the most densely populated places in the world, with over 7.5 million population. The official languages of the HKSAR are Chinese and English. Hong Kong is a highly developed territory and ranks fourth on the United Nations Human Development Index and the residents of Hong Kong have the highest life expectancies in the world.

The best time to visit Hong Kong is from September to December, since the temperatures, averaging between 19 to 28 degree Celsius. During this outdoor activities-friendly travelling season, you can take a walk along Victoria Harbour, visit the islands of Lantau, Lamma and Cheung Chau and participate in the Mid-Autumn Festival. Top choices of the tourists to visit in Hong Kong are Big Buddha statue, Wong Tai Sin Temple, Repulse Bay and the Beaches and Hong Kong Disneyland.

Explore our diverse range of IT courses, encompassing programming, software development, cyber security, data science, business skills, and Agile/Scrum. Wherever you are in Hong Kong, our seasoned instructors will bring practical training and expert knowledge to your preferred training venue.
By using this website you agree to let us use cookies. For further information about our use of cookies, check out our Cookie Policy.