SANS @MIC Talk - SEC510: Multicloud Security Assessment and Defense

  • Wednesday, 24 Jun 2020 8:30PM EDT (25 Jun 2020 00:30 UTC)
  • Speakers: Eric Johnson, Brandon Evans

SEC510 provides cloud security practitioners, analysts, and researchers an in-depth understanding of the inner workings of cloud Platform-as-a-Service (PaaS) offerings from Amazon Web Services, Microsoft Azure, and the Google Cloud Platform. Through this, students will understand the philosophies that undergird each provider and how these have influenced their services. By contrasting these offerings, we can, for example, avoid applying AWS concepts to Azure and GCP where they are not appropriate.

Students will leave the course confident that they know everything they need to consider when adopting PaaS offerings in each cloud. Instead of merely citing best practices from each provider's documentation, we will validate first-hand in the lab activities that these recommendations work. Using the infrastructure-as-code templates included with the courseware, students will launch unhardened services, analyze the security configuration, validate that they are insufficiently secure, deploy security patches, and confirm the service is secure. The hands-on exercises will reveal undocumented or incorrectly documented details about the service internals that researchers around the world have uncovered.

The Big 3 providers alone offer more services than any one company can consume. As security professionals, we can be tempted to limit what the developers use to the tried-and-true solutions of yesteryear. For better or worse, this approach will inevitably fail as the product development organization sidelines a security organization that is unwilling to change. Functionality drives adoption, not security, and if a team discovers a service offering that can help them get their product to market quicker than the competition, they can and should use it. SEC510 gives you the ability to give relevant and modern guidance to these teams and enable them to move quickly and safely by providing guardrails.