Talk With an Expert

Prevent Real Cloud Attacks with Terraform

  • Wed, May 28, 2025
  • 2:00PM - 3:00PM UTC
  • English
  • Brandon Evans
  • Technical Presentation
Webcast Hero

Implementing cloud security controls is hard. Implementing them at scale is harder. Tools like HashiCorp Terraform and its open-source forks, such as OpenTofu, help organizations consistently enforce security and compliance using Infrastructure-as-Code. Unfortunately, not every security professional knows how to use Terraform, let alone use it securely.

Join Brandon to learn all of the Terraform concepts and idiosyncrasies you need to know to effectively secure environments in the Big 3 cloud providers. He will cover the foundations, advanced techniques for automatically applying critical security controls, and risks that can be introduced by using Terraform improperly. At the end of the webcast, attendees will gain access to a brand-new resource for leveling up their Terraform skills. Whether you are an experienced Terraform power user or someone who has put off learning the tool for years, you are not going to want to miss this!

Learning Objectives:

  • Understand how different Terraform blocks interact to enforce cloud security controls across Amazon Web Services (AWS), Microsoft Azure, and Google Cloud.
  • Mitigate several of Terraform’s security risks, including hardcoded secrets, insecure state files, and the misuse of Terraform directives like jsonencode.
  • Leverage Terraform templates provided by SANS to improve your cloud’s security posture with a few modifications.

This webcast supports content from SANS Institute SEC510: Cloud Security Controls and Mitigations™. Brandon has written thousands of lines of Terraform code to build SEC510’s lab environment, which contains hundreds of resources across the Big 3 cloud providers.

Meet the speaker

Brandon Evans
Brandon Evans

Brandon Evans

Owner and InfoSec Consultant

Brandon is an independent security consultant and SANS Senior Instructor. He is lead author for SEC510: Cloud Security Controls and Mitigations; GPCS holder #1, multi-year RSA Conference presenter, and cloud Bug Bounty collector.

Read more about Brandon Evans