SEC510: Public Cloud Security: AWS, Azure, and GCP

GIAC Public Cloud Security (GPCS)
GIAC Public Cloud Security (GPCS)
  • In Person (5 days)
  • Online
38 CPEs

Organizations are becoming multi cloud by choice or by chance. However, although each cloud provider is responsible for the security of the cloud, its customers are responsible for what they do in the cloud. Unfortunately, this means that security professionals must support hundreds of different services across multiple clouds. Many of these services are insecure by default, and few of them are consistent across the different clouds. Security teams need a deep understanding of each cloud's services to lock them down. As the multicloud landscape rapidly evolves, security is constantly playing catch-up to avert disaster. SEC510: Public Cloud Security: AWS, Azure, and GCP solves this problem by teaching you the security nuanced differences between the Big 3 cloud providers and how to securely configure their Platform as a Service (PaaS) / Infrastructure as a Service (IaaS) offerings. 20 Hands-On Labs + Bonus Challenges

What You Will Learn

"AWS, Azure and GCP don't handle basic security functions...in exactly the same way. There are nuances that must be taken into account in order for security measures to work properly...The professionals who understand these nuances are not easy to find." - Shai Morag, Forbes Technology Council

Multiple Clouds Require Multiple Solutions

SEC510 provides cloud security practitioners, analysts, and researchers with the nuances of multi-cloud security. Students will obtain an in-depth understanding of the inner workings of the most popular public cloud providers: Amazon Web Services (AWS), Microsoft Azure, and Google Cloud (often referred to as Google Cloud Platform, or GCP). SEC510 leverages industry-renowned standards and methodologies, such as the Center for Internet Security (CIS) Cloud Foundations Benchmarks, MITRE ATT&CK Cloud Matrix, and Cyber Defense Matrix alongside original research. Students will then apply that knowledge through hands-on exercises in real cloud environments for each provider, launching unhardened services, analyzing their security configurations, validating that they are insufficiently secure, deploying patches, and validating the remediation. This teaches students the philosophies that undergird each provider and how these have influenced their services. Students will leave the course confident that they have the knowledge they need to support their organization's adoption of Platform as a Service (PaaS) / Infrastructure as a Service (IaaS) offerings in each cloud.

What Is Public Cloud Security?

Public Cloud Security is security for cloud platforms that are not managed in-house, such as AWS, Azure, and Google Cloud.

"This class was an excellent investment. I learned a great deal about the various strengths and weaknesses in the 3 largest cloud providers' default services and default configurations as well as inherent insecurities that can't be easily mitigated. There is a great deal of actionable content that I can take back to my team as we work to monitor and help our clients secure their cloud environments." - John Senn, EY

BUSINESS OUTCOMES

  • Maximize technology spend of equipment, services, and employees
  • Decrease the organization's risk profile through customized security configurations
  • Control the confidentiality, integrity, and availability of data in every cloud service provider
  • Increase use of secure automation to keep up with the speed of today's business environment

STUDENTS WILL LEARN HOW TO

  • Make informed decisions in the Big 3 clouds by understanding the inner workings of each of their Platform as a Service (PaaS) and Infrastructure as a Service (IaaS) offerings
  • Implement secure Identity and Access Management (IAM) with multiple layers of defense-in-depth
  • Build and secure multicloud networks with segmentation and access control
  • Encrypt data at rest and in-transit throughout each cloud
  • Control the confidentiality, integrity, and availability of data in each cloud storage service
  • Support non-traditional computing platforms like Application Services and serverless Functions as a Service (FaaS)
  • Integrate each cloud provider with one another without the use of long-lived credentials
  • Automate security and compliance checks using cloud-native platforms
  • Guide engineering teams in enforcing these security controls using Terraform and Infrastructure-as-Code (IaC)

HANDS-ON PUBLIC CLOUD SECURITY TRAINING

SEC510: Public Cloud Security: AWS, Azure, and GCP reinforces all of the concepts discussed in the lectures through hands-on labs in real cloud environments. Each lab includes step-by-step guide as well as a "no hints" option for students who want to test their skills without further assistance. This allows students to choose the level of difficulty that is best for them and fall back to the step-by-step guide as needed. Students can continue to access the lab instructions, application code, and Infrastructure-as-Code after the course concludes. With this, they can repeat every lab exercise in their own cloud environments as many times as they would like.

SEC510 also offers students an opportunity to participate in Bonus Challenges each day in a gamified environment, while also providing more hands-on experience with the Big 3 cloud sevice providers and relevant utilities. Can you win the SEC510 Challenge Coin?

  • SECTION 1: VM Credential Exposure, Hardening AWS IAM Policies, Hardening Azure and GCP Policies, Advanced IAM features, Bonus Challenges Section 1
  • SECTION 2: Network Lockdown, Analyzing Network Traffic, Private Endpoint Security, Cloud VPN and Managed SSH, Bonus Challenges Section 2
  • SECTION 3: Audit Decryption Events, "Encrypt all the Things!", Storage Service Lockdown, Sensitive Data Detection and Exfiltration, Bonus Challenges Section 3
  • SECTION 4: App Service Security, Serverless Prey, Hardening Serverless Functions, Login with the Microsoft Identity Platform, Broken Firebase Database Access Control, Bonus Challenges Section 4
  • SECTION 5: Multicloud integration, Login with Azure AD, Automated benchmarking, Lab teardown, Bonus Challenges Section 5

"Labs are amazing, they cover all the content we review over the lecture." - Enrique Gamboa, ALG

"Labs are insane. Such a great setup. I'm learning a ton and plus will be able to build upon this great foundation." - Kevin Sahota, 604 Security

"Labs are very well structured and detailed to explain exactly what is happening and why." - Gareth Johnson, Close Brothers

"The labs are very interesting, the possibility to re-run them with more time to think about it, to explore, is absolutely game changing and great. My biggest concern is actually to be able to make the time to redo them, but frankly the material is that good that I will find a way to do so." - Michael Dechandon, ANSSI

SYLLABUS SUMMARY:

Section 1 - Securely Use Cloud Identity and Access Management (IAM) and Defending IAM Credentials

Section 2 - Restrict Infrastructure and Data Access to Private Cloud Networks, Monitor for Suspicious Network Traffic, and Use Secure Remote Access Capabilities

Section 3 - Manage Cryptographic Keys, Apply Encryption at Rest and In-Transit Across Cloud Services, Protect Data in Cloud Storage Services, Audit Encryption Key and Storage Access, and Detect Sensitve Data in the Clouds

Section 4 - Secure the Cloud Compute Services that Run Applications, Including Serverless Functions as a Service (FaaS), Manage Application Consumer Identities, and Analyze Firebase (a Suite of Services Acquired by and Integrated with Google Cloud)

Section 5 - Authenticate Clouds to One Another and Automate Misconfiguration Benchmarking

FREE RESOURCES:

WHAT YOU WILL RECEIVE:

  • Printed and Electronic courseware
  • MP3 audio files of the course
  • Course virtual machine (VM) with all lab exercises that can be redone outside of class indefinitely
  • Thousands of lines of Infrastructure-as-Code and secure configurations for each cloud platform that you can use at your organization

WHAT COMES NEXT:

SANS offers several courses that are excellent compliments to SEC510 depending on your job role:

Cloud Security Analyst

Cloud Security Engineer

Cloud Security Architect

DevSecOps Professional

Learn more about our job role based training journeys at sans.org/cloud-security/ace.

Syllabus (38 CPEs)

Download PDF
  • Overview

    SEC510 starts with a brief overview of the public cloud adoption trends. We will examine the factors driving the rise in popularity of Azure and GCP, which historically have lagged far behind AWS. Students will then initialize their lab environment and deploy a modern web application to each of the Big 3 providers.

    This leads into an analysis of one of the most fundamental and misunderstood concepts in cloud security: Identity and Access Management (IAM). Students will compromise real IAM credentials from cloud virtual machines using the Instance Metadata Service (IMDS) to examine firsthand how an attacker can use them to access sensitive cloud data.

    The remainder of this section will focus on how to harden the IMDS and leverage well-written IAM policies to minimize the harm caused by such attacks. These strategies are critical to prevent a minor vulnerability from becoming front-page news.

    Exercises
    • VM Credential Exposure
    • Hardening AWS IAM Policies
    • Hardening Azure and GCP Policies
    • Advanced IAM Features
    • Bonus Challenges (Section 1)
    Topics

    The Multicloud Movement

    • Cloud Market Trends
    • Multicloud Considerations
    • Cloud Procurement through Mergers and Acquisitions
    • Shadow Cloud Accounts

    Multicloud Security Assessment

    • Cyber Defense Matrix
    • Center for Internet Security (CIS) Cloud Foundations Benchmarks
    • MITRE ATT&CK Cloud Matrix
    • Lab Environment Introduction
    • HashiCorp Terraform Overview

    Identity and Access Management

    • Identities
    • Policies
    • Organization-Wide Controls
    • AWS IAM
    • Azure Active Directory (Azure AD) and Microsoft Entra ID
    • Google Cloud IAM

    Cloud Metadata and Credential Services

    • The Cloud Instance Metadata Service (IMDS) for each cloud provider
    • IMDS Compromise Case Study
    • IMDS Hardening

    Related Application Vulnerabilities

    • Command Injection

    SERVER-SIDE REQUEST FORGERY

  • Overview

    Section 2 covers how to lock down infrastructure within a virtual private network. As the public cloud IP address blocks are well known and default network security is often lax, millions of sensitive assets are unnecessarily accessible to the public Internet. This section will ensure that none of these assets belong to your organization.

    It begins by demonstrating how ingress and egress traffic can be restricted within each provider. Students will analyze the damage that can be done without these controls by accessing a public-facing database and creating a reverse shell session in each environment. We will then eliminate both attack vectors with secure cloud configuration.

    The next module covers cloud-based network analysis capabilities to address malicious traffic on network channels that cannot be blocked. Students will analyze cloud flow logs and search for indicators of compromise. The module also covers AWS Traffic Mirroring and Google Cloud Packet Mirroring, both of which have associated Bonus Challenges.

    With our infrastructure locked down, we pivot to controlling network access to Platform as a Service (PaaS) using Private Endpoints. We will demonstrate how defenders can use these endpoints to restrict data access to internal networks and how attackers can abuse them to exfiltrate data.

    This section concludes with techniques for securely granting organization members access to assets in private cloud networks. These techniques allow an organization to work effectively while keeping internal systems off the public internet.

    Exercises
    • Network Lockdown
    • Analyzing Network Traffic
    • Private Endpoint Security
    • Cloud VPN and Managed SSH
    • Bonus Challenges (Section 2)
    Topics

    Cloud Virtual Networks

    • Network Service Scanning
    • Default Network Configuration
    • Network Security Groups

    Network Traffic Analysis

    • Flow Logging
    • AWS Traffic Mirroring
    • Google Cloud Packet Mirroring
    • Google Cloud Firewall Rules Logging

    Private Endpoints

    • AWS PrivateLink
    • Azure Private Link
    • Google Cloud Private Google Access
    • Google Cloud VPC Service Controls
    • Custom Service Endpoints

    Advanced Remote Access

    • Managed SSH
    • Hybrid VPN Gateways
    • AWS Session Manager
    • Azure Bastion
    • Google Cloud OS Login
    • Google Cloud Identity-Aware Proxy (IAP)

    Command and Control ServersSoftware Supply-Chain Attacks

  • Overview

    Data security is as important, if not more important, in the cloud than it is on-premises. There are countless cloud data leaks that could have been prevented with the appropriate controls. This section examines the cloud services that enable data encryption, secure storage, access control, data loss detection, policy enforcement, and more.

    The first half of Section 3 covers all you need to know about encryption in the cloud. Students will learn about each provider's cryptographic key management solution and how it can be used to apply multiple layers of encryption at rest. Students will also learn how in-transit encryption is performed throughout the cloud, such as the encryption between clients, load balancers, applications, and database servers. These techniques will improve your organization's security while satisfying its legal and compliance needs.

    The second half of Section 3 is primarily focused on cloud storage services. After briefly discussing the most basic storage security technique, turning off public access, it will cover more advanced controls like organization-wide access control, file versioning, data retention, secure transit, and more. It concludes with a discussion of additional data exfiltration paths and how to automatically detect sensitive data storage.

    Exercises
    • Audit Decryption Events
    • Encrypt All The Things!
    • Storage Service Lockdown
    • Sensitive Data Detection and Exfiltration
    • Bonus Challenges (Section 3)
    Topics

    Cryptographic Key Management

    • AWS KMS
    • Azure Key Vault
    • Google Cloud KMS
    • Overview of Single-Tenant Alternatives: AWS CloudHSM, Azure Dedicated HSM, and Azure Key Vault Managed HSM
    • Key Usage Audit Logging

    Encryption with Cloud Services

    • Disk-Level Encryption
    • Service-Level Encryption
    • Column-Level Encryption
    • In-Transit Encryption

    Cloud Storage Platforms

    • Access Control
    • Audit Logs
    • Data Retention

    Sensitive Data Detection and Exfiltration

    • Data Exfiltration Paths
    • Signed URLs
    • Amazon Macie
    • Amazon CloudWatch Logs Data Protection
    • Overview of Microsoft Purview and Azure Information Protection
    • Google Cloud Data Loss Prevention
  • Overview

    This section teaches students how to secure the infrastructure powering their cloud-based applications and how to protect the users of those applications. It begins with App Services, platforms that simplify the process of running and scaling cloud applications. This leads into a computing paradigm taking the industry by storm: serverless Functions as a-Service (FaaS). It balances the discussion of the challenges serverless introduces with the advantages it provides in securing product development and security operations. After introspecting the serverless runtime environments using Serverless Prey (an open-source tool written by the course authors), students will examine and harden practical serverless functions in a real environment. They will also learn how FaaS security impacts App Service security.

    The next module covers how Customer Identity and Access Management (CIAM) can help track and authenticate the users of an organization's applications. The Google Cloud Platform obtained their CIAM services through their acquisition of a company named Firebase. The section concludes with a detailed breakdown of this CIAM and its interplay with Firebase's flagship product, the Realtime Database. This highly popular but rarely reviewed service is a serverless database with many access control considerations and security implications for Google Cloud projects.

    Exercises
    • App Service Security
    • Serverless Prey
    • Hardening Serverless Functions
    • Login with the Microsoft Identity Platform
    • Broken Firebase Database Access Control
    • Bonus Challenges (Section 4)
    Topics

    App Services

    • Overview of AWS Elastic Beanstalk
    • Azure App Service
    • Google App Engine

    Cloud Serverless Functions

    • Security Advantages and Concerns
    • Function as a Service Defense
    • Persistence with Serverless

    Cloud Customer Identity and Access Management (CIAM)

    • Overview of OAuth 2.0, OpenID Connect (OIDC), and SAML
    • Amazon Cognito User Pools
    • Microsoft Identity Platform
    • Overview of Azure AD Business-to-Consumer (B2C) and Microsoft Entra External ID for Customers
    • Google Cloud Identity for Customers and Partners (CICP)
    • Firebase Authentication

    Firebase Databases and Google Cloud Implications

    • Realtime Database
    • Cloud Firestore
    • Google Cloud Privilege Escalation via Firebase
    • Compliance Concerns
  • Overview

    The course concludes with practical guidance on how to operate an organization across multiple cloud providers. Many of the topics discussed in the sections become more complicated if an organization's cloud providers are integrated with one another. We begin by discussing how multicloud integration impacts Identity and Access Management (IAM). Many organizations use long-lived credentials to support multicloud integrations. These credentials are much more valuable to attackers than those that are short-lived. Although students will learn best practices for long-lived credentials, this will only mitigate the risk, not eliminate it. This module goes one step further by demonstrating novel ways to use Workload Identity Federation to authenticate from one cloud provider to another with short-lived cloud credentials.

    The next module covers the cloud-native Cloud Security Posture Management (CSPM) services. Students will use these services to automate security checks for the Center for Internet Security (CIS) Benchmarks we have covered throughout the course. With these capabilities, an organization can take the lessons learned in SEC510 and apply them at scale.

    The final module, Multicloud CSPM, ties these two topics together. Most organizations would prefer to use a single platform to assess the security posture of all of their clouds. After learning about the third-party multicloud CSPM services, students will leverage Workload Identity and Microsoft Defender for Cloud to analyze the security posture of all three cloud providers. If implemented properly, this capability will be invaluable to security organizations. If done wrong, this integration can decrease the security of the organization's AWS accounts and Google Cloud projects. This module will highlight these pitfalls to ensure that students engineer this correctly from the start.

    Exercises
    • Secure Multicloud Integration
    • Automated Benchmarking
    • Microsoft Defender and Multicloud
    • Bonus Challenge Finale
    • Lab Teardown
    • Bonus Challenges (Section 5)
    Topics

    Multicloud Access Management

    • Risks from Long-Lived Credentials
    • Workload Identity Federation
    • Cross-Cloud Authentication Without Long-Lived Credentials

    Cloud Security Posture Management

    • AWS Security Hub
    • Azure Security Center
    • Google Cloud Security Command Center
    • Open-Source Solutions

    Multicloud Security Posture Management

    • Third-Party Multicloud Security Posture Management
    • Microsoft Defender for Cloud CSPM

    Summary

    Additional Resources

GIAC Public Cloud Security

The GIAC Public Cloud Security (GPCS) certification validates a practitioner's ability to secure the cloud in both public cloud and multi cloud environments. GPCS-certified professionals are familiar with the nuances of AWS, Azure, GCP and have the skills needed to defend each of these platforms.

  • Evaluation and comparison of public cloud service providers
  • Auditing, hardening, and securing public cloud environments
  • Introduction to multi-cloud compliance and integration
More Certification Details

Prerequisites

Although SEC510 uses Terraform Infrastructure-as-Code to deploy and configure services in each cloud for the labs, students will not need in-depth knowledge of Terraform or need to understand any of the syntax used. However, students will be introduced at a high level to what this code accomplishes.

The following are courses or equivalent experiences that are prerequisites for SEC510:

For those looking to prepare ahead of time, check out the Terraform Getting Started Guide: https://learn.hashicorp.com/terraform/getting-started/install

This class requires a basic understanding of web application technology and concepts such as HTML and JavaScript. To maximize the benefit for a wider range of audiences, the discussions in this course will be programming language agnostic. Attendees should have some understanding of concepts like databases (SQL) and scripting languages used in modern web applications.

Laptop Requirements

CRITICAL NOTE: Apple systems using the M1/M2 processor line cannot perform the necessary virtualization functionality and therefore cannot be used for this course.

LAB PREPARATION

Please plan to arrive 30 minutes early before your first session for lab preparation and setup. During this time, students can confirm that each cloud account is properly set up, ensure that laptops have virtualization enabled, copy the lab files, and start the Linux virtual machine. For students taking the course Live Online, the instructor will be available to assist them with laptop prep and setup 30 minutes prior to the start of the course.

The first lab of the course, Lab 0, is the foundation for the rest of the course. Failure to complete Lab 0 will prevent the student from completing any other lab exercise. Students should complete as much of Lab 0 as possible prior to the first session.

MANDATORY CLOUD ACCOUNT

The SEC510 course labs contain lab exercises for AWS, Azure, and GCP. Most labs can be completed with any one of these providers. However, we strongly recommend completing the labs for all three providers to learn how the services in each differ in small, yet critical ways. Experiencing this nuance in these interactive labs will help you better defend each platform and prepare for the GPCS certification.

  • SANS will provide students with the AWS account and Azure subscription required to complete the labs for those providers.
  • Students must bring their own Google Cloud account in order to complete all of the course labs.

Prior to the start of class, students must create a Google Cloud account if they would like to complete the associated labs. This account must be brand new (never used for any other purpose). Students who would like to complete the Firebase lab must create a Google Cloud account even if they choose not to complete the rest of the Google Cloud exercises. New Google Cloud users get $300 in free credits:

  • Conference students should not incur any additional costs completing the labs
  • OnDemand students could incur additional fees depending on how long the lab environment remains active

Students can create the Google Cloud account here: https://cloud.google.com

MANDATORY LAPTOP REQUIREMENT

Students must bring their own system configured according to these instructions

A properly configured system is required to fully participate in this course. If you do not carefully read and follow these instructions, you will likely leave the class unsatisfied because you will not be able to participate in hands-on exercises that are essential to this course. Therefore, we strongly urge you to arrive with a system meeting all the requirements specified for the course.

Students must be in full control of the network running the VM. The VM communicates with several external services (AWS, Azure, GCP, etc.) over HTTPS, SSH, and other non-standard ports. Running the course virtual machine on a host with a VPN, intercepting proxy, or egress firewall filter may cause connection issues communicating with these services. Students must be able to configure or disable these services for the lab environment to function properly.

BRING YOUR OWN LAPTOP CONFIGURED USING THE FOLLOWING DIRECTIONS:

A properly configured system is required for each student participating in this course. Before starting your course, carefully read and follow these instructions exactly:

  • Host Operating System: Latest version of Windows 10, macOS 10.15.x or later, or Linux that also can install and run VMware virtualization products described below.
  • Fully update your host operating system prior to the class to ensure you have the right drivers and patches installed to utilize the latest USB 3.0 devices.
  • Those who use a Linux host must also be able to access exFAT partitions using the appropriate kernel or FUSE modules.
  • Download and install 7-Zip (for Windows Hosts) or Keka (macOS). Without these extraction tools, you'll be unable to extract large archives we'll supply to you in class.
  • Download and install either VMware Workstation Pro 15.5.x, VMware Player 15.5.x, or Fusion 11.5.x or higher versions before class.
  • If you do not own a licensed copy of VMware Workstation or Fusion, you can download a free 30-day trial copy from VMware. VMware will send you a time-limited serial number if you register for the trial at its website.
  • Other virtualization software, such as VirtualBox and Hyper-V, are not appropriate because of compatibility and troubleshooting problems you might encounter during class.
  • VMware Workstation Pro and VMware Player on Windows 10 are not compatible with Windows 10 Credential Guard and Device Guard technologies. Please disable these capabilities for the duration of the class if they're enabled on your system by following instructions in this document.
Mandatory Host Hardware Requirements
  • CPU: 64-bit 2.5+ GHz multi-core processor or higher
  • BIOS/UEFI: VT-x, AMD-V, or the equivalent must be enabled in the BIOS/UEFI
  • Hard Disk: Solid-State Drive (SSD) is MANDATORY with 50GB of free disk space minimum
  • Memory: 16GB of RAM or higher is mandatory for this class (IMPORTANT! - 16GB of RAM is MANDATORY)
  • Working USB 2.0 or higher port
  • Wireless Ethernet 802.11 B/G/N/AC
  • Local Administrator Access within your host operating system
Mandatory Host Operating System Requirements

You must use a 64-bit laptop with one of the following operating systems that have been verified to be compatible with course VMware image:

  • Latest version of Windows 10, macOS 10.15.x or later, or Linux that also can install and run VMware virtualization products described below.
Mandatory Software Requirements

Prior to class, ensure that the following software is installed on the host operating system:

  • VMware Workstation Pro 15.5.X+, VMware Player 15.5.X+, or Fusion 11.5+
  • Zip File Utility (7Zip or the built-in operating system zip utility)
Cloud Virtual Machine (AWS AMI)

If your workstation or network does not meet the above requirements, please reach out to your instructor, TA, or OnDemand SME for access to the SEC510 Amazon Machine Image (AMI). After sharing the AMI, instructions will be provided for launching and connecting to the virtual machine over Remote Desktop (RDP). This option is required for students that cannot meet the laptop requirements.

IN SUMMARY

Before beginning the course you should:

  • Complete Lab 0.
  • Have a laptop with a solid-state drive (SSD), 16GB of RAM, and a 64-bit operating system.
  • Install VMware (Workstation or Fusion).
  • Windows only: Verify that the BIOS settings have the Intel VT virtualization extensions enabled.
  • Download the SEC510 Lab Setup Instructions and Course Media from your sans.org account.
  • Register a NEW GCP account with a free trial prior to the start of class at https://cloud.google.com

After you have completed those steps, your course media will be delivered via download. The media files for class can be large, some in the 40 to 50 GB range. You need to allow plenty of time for the download to complete. Internet connections and speed vary greatly and are dependent on many different factors. Therefore, it is not possible to give an estimate of the length of time it will take to download your materials. Please start your course media downloads as you get the link. You will need your course media immediately on the first day of class. Waiting until the night before the class starts to begin your download has a high probability of failure.

In today's learning environment, we have found that a second monitor and/or a tablet device can be useful for keeping the class materials visible while the instructor is presenting or while you are working on lab exercises.

If you have additional questions about the laptop specifications, please contact laptop_prep@sans.org

Author Statement

"The use of multiple public cloud providers introduces new challenges and opportunities for security and compliance professionals. As the service offering landscape is constantly evolving, it is far too easy to prescribe security solutions that are not effective in all clouds. While it is tempting to dismiss the multicloud movement or block it at the enterprise level, this will only make the problem harder to control.

"Why do teams adopt multiple cloud providers in the first place? To make their jobs easier or more enjoyable. Developers are creating products that meet the organization's goals, not for the central security team. If a team discovers that a service offering can help get its product to market faster, it can and should use it. Security should embrace the inevitability of the multicloud movement and take on the hard work of implementing guardrails so the organization can move quickly and safely.

"The multicloud storm is here, whether you like it or not."

- Brandon Evans and Eric Johnson

"Simply outstanding! All the way around. Very well done." - Ryan Stillions, IBM X-Force IR

Reviews

He has been fantastic. No words. Brilliant! Such energy and wisdom.
Rav Goindi
GResearch
Amazingly put together course. Very actionable material at each page turn.
Jordan N.
US Federal Government
The course content has been very well put together, well researched, and is very applicable.
Dan Van Wingerden
Radiology Partners
It is amazing how the lab was able to talk to three live cloud providers at the same time. It was impressive.
Christopher Hearn
Harris County
Excellent depth and explanation of the different cloud environments.
Robert Jones
Educational Testing Services

    Register for SEC510

    Loading...