SEC510: Public Cloud Security: AWS, Azure, and GCP Multiple clouds require multiple solutions. SEC510 provides cloud security practitioners, analysts, and researchers with the nuances of multi- cloud security. Students will obtain an in-depth understanding of the inner workings of the most popular public cloud providers: Amazon Web Services (AWS), Microsoft Azure, and Google Cloud (often referred to as Google Cloud Platform, or GCP). SEC510 leverages industry-renowned standards and methodologies, such as the Center for Internet Security (CIS) Cloud Foundations Benchmarks, MITRE ATT&CK Cloud Matrix, and Cyber Defense Matrix alongside original research. Students will then apply that knowledge through hands-on exercises in real cloud environments for each provider, launching unhardened services, analyzing their security configurations, validating that they are insufficiently secure, deploying patches, and validating the remediation. This teaches students the philosophies that undergird each provider and how these have influenced their services. Students will leave the course confident that they have the knowledge they need to support their organization’s adoption of Platform as a Service (PaaS)/Infrastructure as a Service (IaaS) offerings in each cloud. “This class was an excellent investment. I learned a great deal about the various strengths and weaknesses of the three largest cloud providers’ default services and default configurations as well as inherent insecurities that can’t be easily mitigated. There is a great deal of actionable content that I can take back to my team as we work to monitor and help our clients secure their cloud environments.” —John Senn, EY Hands-On Training SEC510: Public Cloud Security: AWS, Azure, and GCP reinforces all of the concepts discussed in the lectures through hands-on labs in real cloud environments. Each lab includes step-by-step guide as well as a “no hints” option for students who want to test their skills without further assistance. This allows students to choose the level of difficulty that is best for them and fall back to the step-by- step guide as needed. Students can continue to access the lab instructions, application code, and infrastructure-as-code after the course concludes. With this, they can repeat every lab exercise in their own cloud environments as many times as they would like. SEC510 also offers students an opportunity to participate in Bonus Challenges each day in a gamified environment, while also providing more hands-on experience with the Big 3 cloud sevice providers and relevant utilities. Can you win the SEC510 Challenge Coin? Course Authors’ Statement “The use of multiple public cloud providers introduces new challenges and opportunities for security and compliance professionals. As the service offering landscape is constantly evolving, it is far too easy to prescribe security solutions that are not effective in all clouds. While it is tempting to dismiss the multicloud movement or block it at the enterprise level, this will only make the problem harder to control. “Why do teams adopt multiple cloud providers in the first place? To make their jobs easier or more enjoyable. Developers are creating products that meet the organization’s goals, not for the central security team. If a team discovers that a service offering can help get its product to market faster, it can and should use it. Security should embrace the inevitability of the multicloud movement and take on the hard work of implementing guardrails so the organization can move quickly and safely. “The multicloud storm is coming, whether you like it or not.” —Brandon Evans and Eric Johnson You Will Be Able To • Make informed decisions in the Big 3 clouds by understanding the inner workings of each of their Platform as a Service (PaaS) and Infrastructure as a Service (IaaS) offerings • Implement secure Identity and Access Management (IAM) with multiple layers of defense-in-depth • Build and secure multicloud networks with segmentation and access control • Encrypt data at rest and in-transit throughout each cloud • Control the confidentiality, integrity, and availability of data in each cloud storage service • Support non-traditional computing platforms like Application Services and serverless Functions as a Service (FaaS) • Integrate each cloud provider with one another without the use of long-lived credentials • Automate security and compliance checks using cloud-native platforms • Guide engineering teams in enforcing these security controls using Terraform and Infrastructure-as-Code (IaC) Business Takeaways • Maximize technology spend of equipment, services, and employees • Decrease the organization’s risk profile through customized security configurations • Control the confidentiality, integrity, and availability of data in every cloud service provider • Increase use of secure automation to keep up with the speed of today’s business environment 5 Day Course 38 CPEs Laptop Required sans.org/sec510 • Watch a preview of this course • Discover how to take this course: Online, In-Person GPCS Public Cloud Security giac.org/gpcs “ Labs are insane. Such a great setup. I’m learning a ton and plus will be able to build upon this great foundation.” —Dan Van Wingerden, Radiology Partners