Top Cybersecurity Training Protects Your Assets - Learn From the BEST and Apply New Knowledge Immediately!


To attend this webcast, login to your SANS Account or create your Account.

This webcast has been archived. To view the webcast login into your SANS Portal Account or create an account by clicking the "Get Registered" button on the right. Once you register, you can download the presentation slides below.

Scripting Cloud Security Capabilities

  • Tuesday, November 07, 2017 at 10:30 AM EST (2017-11-07 15:30:00 UTC)
  • Kenneth G. Hartman

You can now attend the webcast using your mobile device!



ITIL defines a capability as the "ability to carry out an activity" and indicates that capabilities are assets that can be intentionally managed and improved in pursuit of the company's mission. NIST Special Publication 800-53R4 states that a security capability generally results from the selection and implementation of a set of mutually reinforcing security controls. Forward-thinking companies like Google. Microsoft, and Amazon are delivering their cloud services such that they can be consumed by other services via an Application Programming Interface (API). This has given rise to several important concepts such as Software Defined Networking, Orchestration, and Infrastructure as Code. A central theme is that everything that is customized or unique has been reduced so that it can be expressed as version-controlled program code. This allows organizations to encapsulate, inherit, abstract, and reuse their IT capabilities just like other code. Using selected examples from the CIS Critical Security Controls , this presentation will share some concepts, tools and practical experiences of a security engineer using the "capabilities as code" approach to improve the security of his organization's use of Amazon Web Services.

Speaker Bio

Kenneth G. Hartman

Kenneth G. Hartman is a security consultant based in Traverse City, Michigan. Ken’s motto is “I help my clients earn and maintain the trust of their customers in its products and services.” Toward this end, he consults on a comprehensive program portfolio of technical security initiatives focused on securing client data in the public cloud. Ken has worked for a variety of Cloud Service Providers in both the Midwest and Silicon Valley in architecture, engineering, compliance, and security product management roles. An instructor for SEC545: Cloud Security Architecture and Operations and SEC488: Cloud Security Essentials, Ken has also been the co-chair of the 2019 SANS Cloud Security Operations Solutions Forum, the 2019 and 2020 SANS Cloud & DevOps Security Summits.

Need Help? Visit our FAQ page or email

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.