Top Cybersecurity Training Protects Your Assets - Learn From the BEST and Apply New Knowledge Immediately!


To attend this webcast, login to your SANS Account or create your Account.

This webcast has been archived. To view the webcast login into your SANS Portal Account or create an account by clicking the "Get Registered" button on the right. Once you register, you can download the presentation slides below.

Secure by Default? Scoring the Big 3 Cloud Providers

  • Monday, January 27, 2020 at 1:00 PM EST (2020-01-27 18:00:00 UTC)
  • Brandon Evans

You can now attend the webcast using your mobile device!



This presentation will provide a technical comparison of the default configurations for various services provided by the Big 3 Cloud Providers: AWS, Azure, and the Google Cloud Platform. We will compare services apples to apples, preferring platforms powered by open-source software where possible. Using a consistent methodology, I will score each provider in a variety of categories and give each a report card. Attendees will be provided resources to evaluate these services for themselves and introduce alternative viewpoints.

Topics include: the strength of access controls for file storage solutions (AWS S3, Azure Storage, and Google Cloud Storage), encryption of data in-transit and at rest for managed SQL servers (AWS RDS, Azure Database, and Google Cloud SQL), management and invocation privileges for serverless functions (AWS Lambdas, Azure Functions, and Google Cloud Functions), and much more.

Our goal is to bring attention to the importance of scrutinizing default settings, especially for new functionality. With better awareness, we can hold our providers to a higher standard to make the path of least resistance a safe one. Long-term, we should push for the ability to better control what actions and configurations are allowed within our cloud accounts.

Speaker Bio

Brandon Evans

Brandon works for Zoom Video Communications, in which he leads their internal Application Security training. As an application developer for most of his professional career, he moved into security full-time largely because of his many formal trainings through SANS. He’s a contributor to the OWASP Serverless Top 10 Project and a co-leader for the Nashville OWASP chapter. Brandon is lead author for the new SEC510: Public Cloud Security: AWS, Azure, and GCP and a contributor and instructor for SEC540: Cloud Security and DevOps Automation. Read more about Brandon here.

Need Help? Visit our FAQ page or email

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.