Join us at the Rocky Mountain Hackfest, Live Online!! Virtual summit and courses take place June 4-13.

UPenn Partnership SEC545 - Live Online

Virtual, US Eastern | Mon, Sep 28, 2020 - Fri, Oct 2, 2020

This course is part of the SANS Partnership Program. Students affiliated with an eligible institution* may enroll in this course at a discounted rate of $2810. To receive this rate, enter the appropriate discount code when registering. All registrations using a code will be audited to confirm that they are eligible to receive the discounted rate.

This class is ONLINE, please click on the blue "Register Now" button to the right.

If you are affiliated with a Partnership-eligible institution enter discount code 61715OS to receive your Partnership pricing!

* Eligible institutions include US- and Canada-based educational Institutions (any accredited educational institution, including colleges, universities, technical training institutes and K-12 schools) and any US state or local government agency.

Cloud Security Architecture and Operations Private

Cloud Security Architecture and Operations Private

 

As more organizations move data and infrastructure to the cloud, security is becoming a major priority. Operations and development teams are finding new uses for cloud services, and executives are eager to save money and gain new capabilities and operational efficiency by using these services. But will information security prove to be an Achilles' heel? Many cloud providers do not disclose detailed control information about their internal environments, and many common security controls used internally may not translate directly to the public cloud.

SEC545: Cloud Security Architecture and Operations will tackle these issues one by one. We'll start with a brief introduction to cloud security fundamentals, then touch on the Cloud Security Alliance framework for cloud control areas. The rest of day 1 will cover the critical concepts of cloud technical security principles and controls for Software-as-a-Service (SaaS) and Platform-as-a-Service (PaaS), SaaS brokering services, and architecture concepts for containers and serverless controls and architecture. We'll finish up with an introduction to Infrastructure-as-a-Service (IaaS) and virtualization security.

The course then moves into cloud architecture and security design for two full days, both for building new architectures and adapting tried-and-true security tools and processes to the cloud. This will be a comprehensive discussion that encompasses network security (firewalls and network access controls, intrusion detection, and more), as well as all the other layers of the cloud security stack. We'll visit each layer and its components, including building secure instances, data security, identity and account security, and much more.

We'll then devote an entire day to adapting our offense and defense architecture and processes for the cloud. This will involve looking at vulnerability management and pen testing, as well as covering the latest and greatest cloud security research. On the defense side, we'll delve into incident handling, forensics, event management, and application security.

We'll wrap up the course by taking a deep dive into DevSecOps and automation, investigating methods of embedding security into orchestration and every facet of the cloud life cycle. We'll explore tools and tactics that work, and even walk through several cutting-edge use cases where security can be automated entirely in both deployment and incident detection-and-response scenarios using APIs and scripting.

Available Courses
Title Certification Instructor
Private SEC545: Cloud Security Architecture and Operations
Dave Shackleford