10 - 14 Mar 2025
London (UK)
Hotel : Landmark Office Space - Oxford Street
Cost : 5775 € Euro
As more organizations move data and infrastructure to the cloud, security is becoming a major priority. Operations and development teams are finding new uses for cloud services, and executives are eager to save money and gain new capabilities and operational efficiency by using these services. But will information security prove to be an Achilles’ heel? Many cloud providers do not provide detailed control information about their internal environments, and quite a few common security controls used internally may not translate directly to the public cloud.
SEC545: Cloud Security Architecture and Operations will tackle these issues one by one. We’ll start with a brief introduction to cloud security fundamentals, then cover the critical concepts of cloud policy and governance for security professionals. For the rest of day one and all of day two, we’ll move into technical security principles and controls for all major cloud types (SaaS, PaaS, and IaaS). We’ll learn about the Cloud Security Alliance framework for cloud control areas, then into assessing risk for cloud services, looking specifically at technical areas that need to be addressed.
You Will Be Able To
Revise and build internal policies to ensure cloud security is properly addressed
Understand all major facets of cloud risk, including threats, vulnerabilities, and impact
Articulate the key security topics and risks associated with SaaS, PaaS, and IaaS cloud deployment models
Evaluate Cloud Access Security Brokers (CASBs) to better protect and monitor SaaS deployments
Build security for all layers of a hybrid cloud environment, starting with hypervisors and working to application layer controls
Evaluate basic virtualization hypervisor security controls
Design and implement network security access controls and monitoring capabilities in a public cloud environment
Design a hybrid cloud network architecture that includes IPSec tunnels
Integrate cloud identity and access management (IAM) into security architecture
Evaluate and implement various cloud encryption types and formats
Develop multi-tier cloud architectures in a Virtual Private Cloud (VPC), using subnets, availability zones, gateways, and NAT
Integrate security into DevOps teams, effectively creating a DevSecOps team structure
Build automated deployment workflows using Amazon Web Services and native tools
Incorporate vulnerability management, scanning, and penetration testing into cloud environment
Who Should Attend
Security architects
Senior security engineers
Technical security managers
Security Operations Center (SOC) analysts, engineers, and managers
CND analysts
Individuals working to implement Continuous Diagnostics and Mitigation (CDM), Continuous Security Monitoring (CSM), or Network Security Monitoring (NSM)
Day 1
Cloud Security Foundations
Introduction to the Cloud and Cloud Security Basics
Cloud Security Alliance Guidance
Cloud Policy and Planning
SaaS Security
Cloud Access Security
Day 2
Core Security Controls for Cloud Computing
Cloud Security: In-House versus Cloud
A Virtualization Security Primer
Cloud Network Security
Instance and Image Security
Identity and Access Management
Data Security for the Cloud
Application Security for the Cloud
Provider Security: Cloud Risk Assessment
Day 3
Cloud Security Architecture and Design
Cloud Security Architecture Overview
Cloud Architecture and Security Principles
Infrastructure and Core Component Security
Access Controls and Compartmentalization
Confidentiality and Data Protection
Availability
Day 4
Cloud Security Automation and Orchestration
Scripting and Automation in the Cloud
SecDevOps Principles
Creating Secure Cloud Workflows
Building Automated Event Management
Building Automated Defensive Strategies
Tools and Tactics
Real-World Use Cases
Day 5
Cloud Security – Offense and Defense
Threats to Cloud Computing
Vulnerability Management in the Cloud
Cloud Pen Testing
Intrusion Detection in the Cloud
Cloud IR and Event Management
Cloud Forensics