Cloud Security Masterclass: Defender's Guide to Securing AWS & Azure Infrastructure
Abhinav Singh
"Dive deep into cloud security, tailored for AWS & Azure. Learn to fortify cloud infrastructure & applications by establishing automated detection, alerting, and response. Engage in interactive labs, real-world attack simulations, and CTF challenges—with metal coins to win—for a hands-on experience."
Format: 2 Days In-person
Audience level: Beginner, Intermediate
Dive deep into cloud security, tailored for AWS & Azure and learn to fortify cloud infrastructure and applications by establishing automated detection, alerting, and response systems. Engage in interactive labs, real-world attack simulations, and CTF challenges—with metal coins to win—for a hands-on learning journey. This training focuses on enterprise level cloud security challenges and includes both investigator and builder approach towards security. Learn to defend your AWS & Azure cloud infrastructure by building highly scalable threat detection, Incident response and auto-remediation pipelines by using native cloud services like serverless, containers, object stores, IAM/Entra-ID, logic apps, SQL/KQL queries and much more. The training extends the knowledge into more advance enterprise use-cases like cross-account logging & monitoring, multi-cloud compliance and data security. This training focuses on building security knowledge on the cloud and for the cloud.
By the end of this training, you will be able to(applies to both AWS & Azure):
* Use cloud technologies to detect & build automated responses against IAM & EntraID attacks.
* Understand and mitigate advanced identity based attacks like pivoting and privilege escalation and build defense techniques against them.
* Use serverless functions and containers to build highly scalable, on-demand threat scanning service.
* Build notification services to create detection alerts on real-time SIEM using Slack.
* Analyze malware-infected virtual machines to learn cloud pivot techniques.
* Build cross-account Incident Response service using API gateway and perform auto-remediation and analysis.
* Define step functions & logic apps to implement automated forensic artifacts collection for cloud resources.
* Build cloud security response playbooks for defense evasion, persistence and lateral movements. * Enforce multi-cloud security strategy through assessments, compliance checks and benchmarking automation.
* Understand how APTs operate in cloud infrastructures through attack simulations.
Abhinav Singh is a cybersecurity researcher with a decade long experience working for global leaders in security technology, financial institutions and as an independent trainer/consultant. He is the author of Metasploit Penetration Testing Cookbook (first, second & third editions) and Instant Wireshark Starter, by Packt. He is an active contributor to the security community in the form of patents, open-source tools, paper publications, articles, and blogs. His work has been quoted in several security and privacy magazines, and digital portals. He is a frequent speaker and trainer at eminent international conferences like Black Hat, RSA, DEFCON, BruCon, HITB, Hack In Paris, OWASP Appsec etc. His areas of expertise include malware research, reverse engineering, enterprise security, forensics, and cloud security.
Twitter: abhinavbom
LinkedIn: https://www.linkedin.com/in/abhinavbom