With the rapid adoption of cloud infrastructure and the prevalence of hybrid cloud environments among organisations, the need to address cloud misconfigurations has become paramount. This course offers a holistic approach to understanding and mitigating misconfigurations in AWS, Azure, and GCP. From building and migrating to managing and innovating in the cloud, organisations face increasing pressure to secure their cloud infrastructure effectively. To achieve this, a deep understanding of cloud attack architecture and hands-on experience with relevant tools and techniques are essential.
Updated for 2024, this comprehensive 4-day course immerses participants in the attacker's mindset, providing the opportunity to deploy over 25 novel attacks through state-of-the-art labs. The training is delivered by seasoned penetration testers with extensive experience in cloud hacking, gained through real-world engagements.
By the end of the course, participants will be well-equipped to confidently identify vulnerabilities within cloud deployments. Additionally, the training covers cloud detection and response strategies, empowering participants to proactively address weaknesses and monitor their cloud environment for potential attacks. This course is a crucial step toward enhancing cloud security in an ever-evolving threat landscape.
Approximate Labs: 38
Demo: 10
Delegates must have the following to make the most of the course:
Who it’s for:
This course is suitable for anyone with a stake or interest in cloud security, from technical practitioners to decision makers. The syllabus has been designed to cover the latest vulnerabilities and advances in hacking, as well as the skills to penetration test cloud systems and environments and remediate vulnerabilities.
This course uses a Defense by Offense methodology based on real world offensive research (not theory). That means everything we teach has been tried and tested on live environments and in our labs and can be applied once the course is over. By the end, you’ll know how to:
Top 3 takeaways
What you’ll be doing
You’ll be learning hands on:
Why it’s relevant
The cybersecurity skills shortage is felt perhaps nowhere as deeply as in the cloud. With new rulebooks and standards, practitioners often find themselves playing catch up with the latest developments in technology and in the threat landscape. This course is designed to be a highly informative bootcamp to help you advance your skills in the most important and relevant areas of cloudsec. Across four days, you’ll learn about the high-impact vulnerabilities and flaws that could be open in your organisation right now and how to fix them.
Our syllabuses are revised regularly to reflect the latest in-the-wild hacks, the newest system releases, and whatever proof of concepts we’ve been developing in our own research. Because they remain so up to date with the threat landscape and security industry standard, many delegates return every 1-2 years to update their skills and get a refresh.
Module 1: Introduction To Cloud Computing
This module introduces the core concepts of cloud computing, emphasising the importance of security. It explores the shared responsibility model, comparing cloud security with traditional models. Additionally, it sheds light on the significance of cloud metadata APIs from an attacker's perspective. This module lays the groundwork for a deeper understanding of cloud security and its unique challenges.
Module 2: Cloud Asset Enumeration
This module will explore DNS-based Enumeration techniques, gaining insights into identifying cloud assets through DNS records.
The module then delves into 'OSINT Techniques for Cloud Asset Enumeration,' equipping participants with open-source intelligence methods to uncover valuable information. Additionally, it covers 'Username Enumeration using Cloud Provider APIs,' empowering attendees to utilise cloud provider APIs to enumerate usernames effectively.
Module 3: Attack Surface of Cloud Services
This module delves into the attack surfaces of key cloud service models: Infrastructure as a Service (IaaS), Function as a Service (FaaS), Platform as a Service (PaaS), and Container as a Service (CaaS). It provides an in-depth understanding of the vulnerabilities and security challenges associated with each model. The module kicks off with an examination of the 'IaaS Attack Surface,' followed by the 'FaaS Attack Surface,' 'PaaS Attack Surface,' and 'CaaS Attack Surface.'
Module 4: Cloud Storages
This module covers cloud storage security in AWS, GCP, and Azure. It starts with an introduction to AWS S3, followed by addressing AWS S3 misconfigurations. The module then explores GCP and Azure storage solutions. It culminates with a focus on securing Azure's Shared Access Signature (SAS) URLs. Attendees will gain the knowledge and skills to secure their cloud storage effectively, avoiding common pitfalls and optimising data protection in these cloud environments.
Module 5: Introduction to Azure and Attacking Microsoft Azure AD
This Module commences with an 'Introduction to Azure and Microsoft Entra ID,' setting the foundation for understanding Azure security.
The module extensively covers 'Azure Application Attacks' across critical components such as App Service, Function App, and Storages. Participants will also delve into the intricacies of securing Azure Databases and the significance of the Automation Account, Azure Key Vault, a pivotal component in safeguarding sensitive data, is thoroughly explored.
Additionally, this module introduces 'Microsoft Entra ID' and elaborates on its authentication methods and associated risks. Participants will gain insights into potential attacks on Microsoft Entra ID, particularly concerning Managed User Identities. The training provides advanced techniques for bypassing Multi-Factor Authentication (MFA) security and navigating Conditional Access Policies effectively.
Participants will also learn how to exploit Dynamic Membership Policies and harness Azure Identity Protection to monitor user behaviour, enhancing the overall security posture.
Module 6: Introduction to AWS
This module offers an in-depth exploration of advanced Amazon Web Services (AWS) security topics. Beginning with an Introduction to AWS Identity and Access Management (IAM) and Policies, the module explores policy evaluation and AWS Cognito Service, with a focus on potential IAM misconfigurations.
The training delves into various aspects of AWS security, including Elastic Beanstalk, AWS Cross-Account misconfigurations, and the enumeration of roles using Pacu. Participants will gain insights into gaining access to EC2 instances by exploiting instance attributes and addressing resource-based policy misconfigurations.
Additionally, the module covers Lambda and API Gateway exploitation, AWS Elastic Container Registry (ECR), and Elastic Container Service (ECS). It educates participants on protecting sensitive data within Docker images and introduces AWS Organisations and IAM Access Analyzer.
Upon completion of this Module, attendees will emerge with a deep understanding of advanced AWS security practices and the practical skills required to secure cloud environments effectively. This module is designed to empower individuals to proactively address security challenges within AWS infrastructures.
Module 7: Introduction to GCP
Participants will delve into essential GCP security aspects, including IAM Role and Service Account, Authentication methods using Service Account files and Access tokens. The module introduces Compute Engine, Cloud Storage, App Engine, and Identity-Aware Proxy (IAP). Furthermore, this module covers the GCP services like Cloud Function, Cloud Storage, Pub/Sub, Cloud Run and databases.
Security-related topics include IAM Impersonation and Secret Manager, bolstering access control. The module concludes by introducing Container Registry, a vital component of GCP container management.
Module 7: Revisiting AWS, Azure and GCP Misconfigurations in Hardened Environment
This section revisits the key cloud misconfigurations discussed in the Azure, AWS, and GCP sections, focusing on comprehensive fixes in a hardened environment. The module provides insights into the practical implementation of robust security measures, ensuring that cloud environments are fortified against vulnerabilities and risks. By actively validating these fixes, participants will be better prepared to enhance cloud security and maintain a robust posture across Azure, AWS, and GCP platforms.
Module 9: Backdooring and Maintaining Access
Module 10: Difference Between AWS, Azure, & GCP IAM and Pitfalls
This module offers a concise comparison of Identity and Access Management (IAM) in AWS, Azure, and GCP. It illuminates the key differences and potential pitfalls associated with IAM in these cloud platforms. Participants will gain insights into the nuanced IAM features and challenges specific to each provider, equipping them with a solid understanding to navigate and secure access control effectively.
Module 11: Cloud Defense Using Open-Source and Cloud-Native Tools
This module focuses on an all-encompassing approach to cloud defense, encompassing four fundamental pillars: identification, protection, detection, and response. Participants will gain insights into how to proactively identify vulnerabilities and potential threats within their cloud infrastructure. They will also explore strategies for safeguarding cloud assets and data. The module delves into the critical aspect of real-time threat detection, equipping individuals with the skills to recognise and respond to security incidents effectively. By the end of this module, participants will be well-prepared to establish robust cloud defense mechanisms, ensuring the security and resilience of their cloud environments.
Module 12: Auditing and Benchmarking of Cloud
This module delves into the comprehensive CIS benchmark, and essential cloud security best practices designed to establish a baseline security posture within cloud infrastructures. Participants will gain profound insights into industry standards and proven methodologies for enhancing cloud security, ultimately fortifying their cloud environments against vulnerabilities and threats.
Join our public courses in our Norway facilities. Private class trainings will be organized at the location of your preference, according to your schedule.