Practical offensive and defensive cloud security in AWS (On-site Training)

If you are on the Internet, you are most probably interacting with applications and services that are hosted on the cloud. AWS is a clear winner in the cloud infrastructure world with a majority of the market share. With more and more companies migrating to cloud from traditional hosting for their applications and services, there is a need for security professionals who can assess the security as well as improve the security posture of the cloud infrastructure.

The training is intense, hands-on with guided walk-throughs, scenario based, covers tools & techniques that can be used for attacking and defending in the AWS cloud.

From an offensive security PoV, students will learn to enumerate, exploit and pivot inside AWS environments. We will delve deep into AWS cloud vulnerabilities and will go beyond the basics. This training will cover real world attacks (mimicking real breaches) and scenarios that are based on our extensive cloud penetration testing experience.

From a defensive security PoV, students will learn to defend against the attacks covered in the training. Students will also learn a practical approach to securing their AWS infrastructure based on standards such as NIST Cybersecurity Framework (Identify/Protect/Detect).

The training contains four or more scenarios that build a story which mimics how attackers exploit cloud infrastructure in the real world. Once students are familiar with the ways in which attackers can breach cloud infra, they’ll learn to defend the same infrastructure.

Training objectives:

  • To provide students hands-on exposure to attacking and defending AWS cloud infrastructure
  • To provide students the knowledge that they can use to test the security of their AWS infrastructure
  • To make students familiar with a practical approach to secure their AWS infrastructure

Course outline

Below is the outline of the baseline topics we will be covering in the training. However, the delivery will be in a scenario driven fashion.

Intro to cloud infrastructure and information security

  • AWS essentials (Mostly hands-on)
  • Attacking Cloud Compute
  • Attacking Serverless endpoints
  • Attacking Cloud storage
  • Attacking Cloud databases
  • Attacking IAM
  • Attacking Amazon Cognito
  • Exploiting misconfigurations in Amazon API Gateway
  • Exploiting Amazon Elastic Container Service
  • Lesser known attack vectors in AWS
  • Recon and OSINT against cloud targets
  • Auditing AWS Accounts & Infrastructure
  • Capture the flag

We will conclude the training with a hands-on CTF in which each attendee will get to practice their newly learnt skills both as attacker and defender. The challenges are meant to evaluate key concepts and skills that you would have gained over the course of the training.

  • Hands on challenges for the students
  • Walk-through of all challenges

About the Speakers