SEC388: Introduction to Cloud Computing and Security

  • Online
18 CPEs
Today's world of cyber security moves quickly. Cloud security moves even faster, so getting started or moving into a career in this field can be intimidating if you do not have the foundation to be successful. SANS SEC388 solves this problem by helping you to learn the foundational elements of modern cloud computing and security. This course kicks off your journey to becoming a SANS Cloud Ace by taking an introductory yet critical look at cloud security. This course focuses on Azure and AWS, and shows you how to interact with each cloud provider by familiarizing you with common terminology, cloud services, security concerns, and solutions to cloud-based security shortcomings. Through hands-on labs, SEC388 puts you in real-world scenarios that challenge you to learn more about AWS, Azure, and relevant cloud computing and security concepts. 12 Labs

What You Will Learn

Ground School for Cloud Security

The purpose of SEC388 is to learn the fundamentals of cloud computing and security. We do this by introducing, and eventually immersing, you in both AWS and Azure; by doing so, we are able to expose you to important concepts, services, and the intricacies of each vendor's platform. This course provides you with the knowledge you need to confidently speak to modern cybersecurity security issues brought on by the cloud, and become well versed with applicable terminology. You won't just learn about cloud security, you will learn the "how" and the "what" behind the critical cloud security topics impacting businesses today.

"The mixture of introductory concepts and security-specific concerns was just right. I walked away from the course with a better understanding of public cloud environments and how they can be leveraged to meet business goals, and valuable hands-on experience working within the cloud provider's tools to deploy example servers and applications with an eye toward doing it all securely." - Flint Gatrell

Business Takeaways:

This course will help your organization:

  • Develop professionals - technical or managerial - that know how to use AWS and Azure services
  • Anticipate what cloud security threats are applicable to your business
  • Learn how to mitigate threats
  • Create a culture where security empowers the business to succeed

Skills Learned:

  • Make sense of different cloud-based services
  • Understand and analyze risk in the cloud
  • Interact with Azure and AWS environments using a browser and command line tools
  • Change behavior and build a security-aware culture
  • Deploy and integrate cloud services in AWS and Azure
  • Get up to speed quickly on cloud security issues and terminology
  • Detect and effectively respond to a simulated cloud breach
  • Speak the same language as technical security professionals
  • Learn how to automate common tasks using cloud shells
  • Defend cloud services from attacks
  • Track, audit and manage budgeting in your cloud environments

Hands-On Training:

All labs in SEC388 are focused on Azure and AWS and involve directly interacting with each cloud service provider. Students will use a browser to access each cloud environment to gain familiarity with cloud computing concepts. During labs, students will implement cloud services, deploy a cloud-based website, and perform essential security tasks in order to become accustomed to cloud computing and cloud security. The total time committed to labs is about 37% of the course.

  • Section 1: Cloud Account Creation/Finalization, Cloud Interfaces, Introduction to the Command Line, Billing and Cost Calculation
  • Section 2: VM Deployment, Secure Storage Implementation, Website Integration, Alert Generation
  • Section 3: Cloud Incident Response, Vulnerability Identification & Remediation, Cloud Security Tools, Attacking the Cloud

"The labs overall are great, they tie directly to the module content and build on the previous modules/labs." - Mike Larson, eFirstBank

"Serge makes the journey easier with his explanations after the labs. This is very crucial for me as a career changer with limited IT background. Kudos!" - Kayode Olabisi

Syllabus Summary:

  • Section 1: Introducing cloud terminology, computing and security topics
  • Section 2: Deploying and implementing common cloud services
  • Section 3: Identifying cloud threats and implementing applicable solutions

Additional Free Resources:

What You Will Receive:

  • Electronic courseware containing the entire course content
  • Printed course books
  • Access to repeatable interactive hands-on labs
  • MP3 audio files of the complete course lecture
  • Access to Slack Cloud Security Alumni channel

What Comes Next:

Technical Cloud Practitioners:

Cloud Security Managers and Leaders:

For additional cloud security training courses, please visit our main SANS Cloud Security curriculum page.

Syllabus (18 CPEs)

Download PDF
  • Overview

    The course starts with an introduction to both AWS and Azure by answering fundamental questions about the cloud: what it is, how it works, why its relevant, all while explaining pertinent vocabulary. The course continues by introducing common cloud services and highlighting how to interact with our cloud environments using both a web browser and the command line. With this foundation, the focus shifts to security concerns and detailing common mistakes which can lead to a breach. The section ends on the topic of budgeting and understanding how costs are calculated in a cloud computing environment.

    • Cloud Account Creation / Finalization
    • Cloud Interfaces
    • Introduction to the Command Line
    • Billing and Cost Calculation

    Introduction to Cloud Computing

    • AWS and Azure account setup

    Cloud Service Providers

    • Terminology and vocabulary
    • Common cloud services
    • Cloud security case study

    Cloud Interfaces

    • GUI / Web Interface
    • API Access
    • CLI and Automation

    Cost Calculation

    • Understanding costs
    • Controlling costs
    • Budgeting and alerting
  • Overview

    Section two delves into service integration and deployment. We start they day by understanding common cloud-based services and the role they play in supporting the business. We then begin deploying services to both AWS and Azure, as well as configuring security controls to allow and restrict access into our environment. The exposure to new services continues with the implementation of cloud storage, in conjunction with cloud computing. Within the context of enabling common business functions, we integrate a functional website in each cloud service providers environment. Finally, within these newly deployed services, we work to understand the risk these actions inherently introduce, and work to limit that risk by implementing security monitoring and alerting controls.

    • VM Deployment
    • Secure Storage Implementation
    • Website Integration
    • Alert Generation

    Compute Services

    • Virtualization and Autoscaling
    • Image Selection
    • Identity and Authentication
    • Instance Deployment

    Cloud Storage

    • Availability
    • Accessing Storage
    • Storage Costs
    • Storage integration

    Business Needs

    • Uptime
    • Remote Access
    • Security Controls
    • Threat and Vulnerability Programs

    Logging & Monitoring

    • Log Sources
    • Console Logging
    • Portal Logging
    • Monitoring and Alerting
  • Overview

    Section Three focuses on identifying threats facing cloud environments, and understanding solutions to deal with those threats. After suffering a simulated breach of our cloud environment, we learn hands-on exactly how to respond to the situation and research the root cause. With first-hand experience dealing with cloud service deployment, and the inherent risks of exposing our infrastructure, we work to understand how to harden our environment against attacks. Finally, we look at automated, cloud-native security solutions, and discuss common attacks and defenses we can then speak to with a close look at best practices.

    • Cloud IR
    • Vulnerability Identification & Remediation
    • Cloud Security Tools
    • Attacking the Cloud

    Incident Response

    • Declaring an Incident
    • Incident Impact
    • Operational Security
    • Administrative Controls


    • System Hardening
    • Patching
    • Risk Ranking
    • Vulnerability Remediation

    Cloud Native Security Solutions

    • AWS Security Hub
    • Microsoft Defender for Cloud
    • Cloud Security Tools

    Cloud Attacks and Defenses

    • Common Attack Categories
    • Defense Strategies
    • Layered Security
    • Cloud Security Best Practices


While SEC388 does not have prerequisites, to get the most out of the course students should have a basic understanding of computers.

Laptop Requirements

Important! Bring your own system configured according to these instructions.

A properly configured system is required to fully participate in this course. If you do not carefully read and follow these instructions, you will not be able to fully participate in hands-on exercises in your course. Therefore, please arrive with a system meeting all of the specified requirements.

Back up your system before class. Better yet, use a system without any sensitive/critical data. SANS is not responsible for your system or data.


  • Wireless networking (802.11 standard) is required. There is no wired Internet access in the classroom.

Additional requirements for this course:

  • Students should have an OpenSSH client installed on their laptop.
  • Cloud Accounts: Students will be given SANS-provided AWS and Azure accounts for the duration of the course


  • Your host operating system must be the latest version of Windows 10, Windows 11, or macOS 10.15.x or newer.
  • Fully update your host operating system prior to the class to ensure you have the right drivers and patches installed.
  • Linux hosts are not supported in the classroom due to their numerous variations. If you choose to use Linux as your host, you are solely responsible for configuring it to work with the course materials and/or VMs.

Your course materials include a "Setup Instructions" document that details important steps you must take before you travel to a live class event or start an online class. It may take 30 minutes or more to complete these instructions.

If you have additional questions about the laptop specifications, please contact

Author Statement

"Cloud computing is not new and the adoption of the cloud by organizations continues to grow at an astounding rate. Due to this, many people are finding themselves in the position where it clearly makes sense to learn more about cloud computing. Interestingly, this rise in cloud computing has brought forth a rise in cloud-related breaches - and it makes perfect sense why. As we see with any new frontier in computer science, what's old is new again, and many of the mistakes of the past, are being revived in today's modern world of cloud computing. It is critically important to develop the skills and knowledge needed to positively influence cloud security in every capacity we can influence. Regardless of your background, SEC388's entry-level approach and focus on cloud computing and security will help you prepare for a rewarding career, just as it will help level-up your skills as an accomplished professional, ultimately preparing you for success in a world of cloud computing."

- Serge Borso

"Serge is the best instructor I've ever had! He's so knowledgeable and has a great teaching style. Very relatable and helps when people have questions."

- Seth J., SEC542 student


This is a great course for system administrators and security practitioners who are transitioning, or thinking about transitioning, from a primarily on-premises workload to a public cloud workload.
Flint Gatrell
I'm taking this course as part of the journey to switching my career from Finance to IT.
Senalda Rodrigues
Serge makes the journey easier with his explanations after the labs. This is very crucial for me as a career changer with limited IT background. Kudos!
Kayode Olabisi
The explanation of AWS & Azure, and the supporting slides were very clear and gave a good introduction to both companies. I think they were the right level for someone without any sort of cloud backgrou
Shannon Brunston

    Register for SEC388

    Learn about Group Pricing

    Prices below exclude applicable taxes and shipping costs. If applicable, these will be shown on the last page of checkout.