Hacking and Securing Cloud Infrastructure

NEW
2 Days

This 2-day course cuts through the mystery of Cloud Services (including AWS, Azure and G-Cloud) to uncover the vulnerabilities that lie beneath. We will cover a number of popular services and delve into both what makes them different, and what makes them the same, as compared to hacking and securing a traditional network infrastructure.

Click here to view our March 2020 Free Webinar Recording

Class Details

Whether you are an Architect, Developer, Pentester, Security or DevOps Engineer, or anyone with a need to understand and manage vulnerabilities in a Cloud environment, understanding relevant hacking techniques, and how to protect yourself from them, is critical. This course covers both the theory a well as a number of modern techniques that may be used to compromise various Cloud services and infrastructure.

Prior pentest / security experience is not a strict requirement, however, some knowledge of Cloud Services and a familiarity with common Unix command line syntax will be beneficial.

Introduction to Cloud Computing

  • What is cloud and Why it matters
  • Types of clouds and cloud services
  • What changes from conventional security models
  • Shared responsibility model (pizza as a service v2.0)

Attacking Cloud Services

  • Conventional vs Cloud Infra Assessment
  • Legalities around Cloud Pentesting
  • How to approach Pentesting cloud services
  • Understanding Metadata API
  • Understand the attack surface in each type of cloud
  • Enumerating for cloud assets

Gaining Entry in Cloud Environment

  • Lambda attacks
  • Web application Attacks
  • Exposed Service ports

Attacking Specific Cloud Services

  • Storage Attacks
  • Azure AD Attacks
  • Financial Attacks
  • IAM Attacks : Shadow admins
  • Dormant assets
  • Google Dorking in Cloud Era

Post - Exploitation

  • Maintain access after the initial attack
  • Post access asset enumeration
  • Extracting secrets from Snapshot access

Defending the Cloud Environment

  • Setting up Monitoring and logging of the environment
  • Catching attacks using monitoring and logging
  • Metadata API Protection

Host base Defences for IaaS

  • Windows server auditing
  • Linux Server Auditing

Auditing and benchmarking of Cloud

  • Prepare the environment for the audit
  • Automated auditing using open source tools
  • Golden Image / Docker image audits
  • Relevant Benchmarks for cloud
  • Continuous inventory monitoring
  • Continuous monitoring to Detect changes in cloud environment

Prerequisites

Who Should Take This Class?

Cloud Administrators, Developers, Solutions Architects, DevOps Engineers, SOC Analysts, Penetration Testers, Network Engineers, security enthusiasts and anyone who wants to take their skills to next level.

Prior pentest experience is not a strict requirement, however, some knowledge of Cloud Services and a familiarity with common command line syntax will be greatly beneficial.

Student Requirements

Students must bring their own laptop and have admin/root access on it. The laptop must have a virtualization software (virtualbox / VMWare) pre installed. A customized version of Kali Linux (ova format) containing custom tools, scripts and VPN scripts for the class will be provided to the students. The laptop should have at least 4 GB RAM and 20 GB of free disk space dedicated for the VM.  

What Students Will Be Provided With

  Our own customized version of kali linux with inhouse developed scripts and tools to help with hacking auditing and securing Cloud.  

Hacking Training Classes

Lab-Based Training - Written by BlackHat Trainers - Available Globally

NotSoSecure classes are ideal for those preparing for CREST CCT (ICE), CREST CCT (ACE), CHECK (CTL), TIGER SST and other similar industry certifications, as well as those who perform Penetration Testing on infrastructure / web applications as a day job & wish to add to their existing skill set.

Download the NotSoSecure Hacking Classes Brochure

Training Events

Hacking and Securing Cloud Infrastructure

02-04 June

InfoSec

Learn More

Hacking and Securing Cloud Infrastructure

June 4-5

REMOTE

Register

Hacking and Securing Cloud Infrastructure

25-26th June

Remote

Register

Hacking and Securing Cloud Infrastructure

29th June to 1st July 2020

BruCon Ghent

Register

Hacking and Securing Cloud

1-2 August or 3-4 August

Black Hat USA 2020

Read More

Hacking and Securing Cloud Infrastructure – 3 days

14-16th Sept 2020

Ottawa, Canada

Register

Hacking and Securing Cloud Infrastructure

24-25th Sept

Remote

Register

Hacking and Securing Cloud Infrastructure

February 2021

Hack in Paris

Register

Beginner Friendly

Hacking 101

The Art of Hacking

The Art of Hacking

=

Infrastructure Hacking

+

Web Hacking

Specialist Offensive Classes

2020 Edition

Advanced Infrastructure Hacking

2020 Edition

Advanced Web Hacking

NEW

Hacking and Securing Cloud Infrastructure

Specialist Defence Classes

2020 Edition

AppSec for Developers

NEW

DevSecOps

NEW

AppSecOps

Book Your Training

Working exclusively with 3 training delivery partners, NotSoSecure Hacking Training is available around the world.


UNITED KINGDOM

REST OF THE WORLD