| Uncategorized

Amazon Web Services (AWS) runs the most popular and used cloud infrastructure and suite of services. IT Security professionals, DevOps, DevSecOps, Cloud/IT admins will all benefit from learning how to perform security tests on their cloud infrastructure and possessing both industry standard certifications AWS Certified Cloud Practitioner, and AWS Certified Security Specialty.

The first day of this 2-day workshop of hands-on training with guided walkthroughs, and scenario based attacks against live AWS infrastructures. Environment build scripts will be provided to help students quickly deploy the target infrastructures. The second day is focused on helping the user prepare for both the AWS Certified Cloud Practitioner, and AWS Certified Security Specialty.

Approximately 50-60% of the training sessions will be dedicated to the coverage of tools that can be used for attacking and auditing AWS infrastructures.

Due to the attack focused nature of the training, and time constraints the training WILL NOT spend a lot of time on security architecture, defence in depth, etc.

Although mitigations for each of the attacks will be covered, the instructor will point out to the relevant security documentation provided by AWS for further self-study.

Course Outline

Module 1: AWS Fundamentals

  • EC2 (Elastic Cloud Compute)
  • S3 (Simple Storage Service)
  • EBS (Elastic Block Storage)
  • RDS (Relational Database Service)
  • ELB (Elastic Load Balancers)
  • VPC (Virtual Private Cloud)
  • Lambda

Module 2: OSINT against cloud targets

  • Techniques for Open Source Intelligence
  • Tools for finding public buckets
  • Tools for discovering, stealing keys and endpoints

Module 3: Attacking cloud compute

  • Setting up Attack Tools and VMs using automation
  • Attacking EC2 and ELBs
  • Application Misconfigurations
  • EC2 metadata abuse
  • Stealing credentials
  • Attacks against virtualization
  • Using AWS Inspector for audits and attacks

Module 4: Attacking cloud storage

  • Abusing AWS S3 misconfigurations
  • Discovering and pillaging EBS
  • Cloud forensics for discovery and attacks

Module 5: Attacking cloud databases

  • AWS RDS misconfigurations
  • Data pilferage

Module 6: Attacking serverless endpoints

  • Attacking Serverless endpoints (AWS Lambda)

Module 7: Applying AWS Security & Monitoring Technologies

  • AWS Security Groups
  • AWS VPCs
  • AWS CloudWatch
  • AWS CloudTrail
  • AWS Flowlogs
  • AWS Cloud DNS Route53
  • AWS Config

Module 8: AWS and compliance

  • PCI DSS for AWS
  • FedRamp, RMF, GovCloud

Module 9: AWS exam prep

  • AWS Certified Cloud Practitioner
  • AWS Certified Security Specialty

Target audience (Who should attend)

  • Penetration Testers
  • IT Security Professionals
  • IT Auditors
  • DevSecOps Professionals
  • DevOps Professionals
  • Cloud / IT Professionals

Training delivery approach (What to expect)

  • Completely live-online training
  • Completely hands-on (85% attacking live AWS infrastructure)
  • Automation scripts will be provided to bring up your AWS cloud infrastructure
  • Fast paced training
  • Using cloud control panel, CLI, AWS services and chosen security and management tools which will be provided
  • While we will be using free-tier AWS services as much as possible, you can expect some minimal account charges (less than $10 USD in AWS charges should be expected).

Hardware & Software Requirements

  • Student must have their own AWS account which has been activated for payments

Training schedule
September 5th and 6th 2019 from 9am EST – 4pm EST
Lunch break from 11:30am EST to 12:30pm EST

Training cost
$200USD if purchased by August 29th 2019
$300USD if purchased between August 30th – September 1st 2019
$400USD if purchased after September 2nd 2019