Cut through the mystery of cloud services on our 4 day course.
This 4-day course cuts through the mystery of Cloud Services (including AWS, Azure, and Google Cloud Platform) to uncover the vulnerabilities that lie beneath. We will cover a number of popular services and delve into both what makes them different, and what makes them the same, as compared to hacking and securing traditional network infrastructure. Whether you are an Architect, Developer, Pentester, Security or DevOps Engineer, or anyone with a need to understand and manage vulnerabilities in a Cloud environment, understanding relevant hacking techniques, and knowing how to protect yourself from them is critical. This course covers both the theory as well as a number of modern techniques that may be used to compromise various Cloud services and infrastructure. Prior pentest/security experience is not a strict requirement, however, some knowledge of Cloud Services and familiarity with common Unix command-line syntax will be beneficial.
Note: Students will have access to a state-of-the-art Hacklab with a wide variety of vulnerabilities to practice exploitation and will receive a FREE 1 month subscription after the class to allow more practice time, along with the support portal to clear doubts.
Highlights of our Training:
- Gaining Entry in cloud via exposed services
- Attacking specific cloud services
- Post Exploitation
- Defending the Cloud Environment
- Host-based Defenses
- Auditing and benchmarking of Cloud
- Continuous Security Testing of Cloud
4 day Course
Available by Partners
Live, online available
Hack-Lab available
Basic
Course Overview
This 4 Day class is the perfect class for cloud practitioners (defenders and attackers alike) who would like to have a deeper understanding of cloud environments and various attack surfaces. The training also deals extensively with defensive scenarios and various labs around defending cloud environments, providing 360-degree coverage of cloud security.
Enquire about your training
We provide training directly (live, online or in person) and also work with a range of training partners in different locations around the globe for classroom or live, online training. Please contact us with details of your requirement and we will recommend the best route to access our amazing training.
The course can also be booked directly through our accredited training partners.
If booked through Check Point, Cyber-Security Learning Credits are accepted for this course.
For security and IT decision makers
What’s the real impact of training your team through NotSoSecure?
Uncover and harden your organisation’s cloud attack surface by building a team that can test, identify, and guide developers to remediate – and further avoid – the emergence of cloud-based vulnerabilities and misconfigurations. Trained delegates can:
- Perform testing to identify and safely exploit complex vulnerabilities and security misconfigurations in AWS, Microsoft Azure, and Google Cloud Platform (GCP).
- Design this testing around real-world attacker behaviour and tooling, making it relevant to the threats facing your organisation.
- Identify the attack surface exposure created by cloud-based services such as virtual machines (VMs), buckets, container as a service (CaaS) platforms, and serverless functions.
- Exploit, defend, and audit containerisation environments.
- Collaboratively plan cloud defence strategies that include patching, asset inventory management, and other security controls.
- Recommend and help implement cloud-based attack detection and response tactics.
- Understand the business impact of cloud misconfigurations and vulnerabilities, and articulate this to key stakeholders.
- Contribute to a secure cloud roadmap by understanding the balance between cloud growth and risk and the implications of different cloud architecture models.
- Take on greater responsibility in the team and become an advocate of security in the wider business.
You will be able to:
- Learn how to tackle cloud security issues for AWS, Azure and Google Cloud Platform in theory and in practice
- Understand complex vulnerabilities within the Cloud environment and learn how to effectively secure them.
- Enumerate cloud assets and gain entry into a cloud environment
- Learn how to prepare for Auditing and audit the data plane and golden images, AMI and Docker images
You will receive:
Access to our Hack-Lab is not just for your work during the course; you will have access for 30 days after the course too. This gives you plenty of time to practice the concepts taught during the course. The Hack-Lab contains a wide variety of challenges. Numerous scripts and a custom-built Linux distribution with new developer tools will also be provided during the course, along with delegate handouts.
What you can take away from the course:
Delegates will gain knowledge of attacking, exploiting and defending a variety of Cloud infrastructure. First, they will play the part of the hacker, compromising serverless apps, cloud machines, storage and database services, dormant assets and resources.
Delegates will learn privilege escalation and pivoting techniques specific to cloud environments. This is followed by Infrastructure Defense, secure configuration, auditing, logging, benchmarks.
Delegates will learn preventive measures against cloud attacks, host-based defense and a number of cloud tools that can help in securing their services and resources. Apply the learning to:
- Identify weaknesses in cloud deployment
- Fix the weaknesses in your cloud deployment
- Monitor your cloud environment for attacks
The free 30 day lab access gives attendees additional time to learn advanced topics in their own time and at their own pace.
Details of the course content:
INTRODUCTION TO CLOUD COMPUTING
- Introduction to cloud and why cloud security matters
- Comparison with conventional security models
- Shared responsibility model
- Legalities around Cloud Pentesting
- Attacking Cloud Services
ENUMERATION OF CLOUD ENVIRONMENTS
- DNS based enumeration
- OSINT techniques for cloud-based assets
GAINING ENTRY VIA EXPOSED SERVICES
- Serverless based attacks (AWS Lambda / Azure & Google functions)
- Web application Attacks
- SSRF Exploitation over AWS Elastic Beanstalk
- Exploiting vulnerable applications over GCP and Azure
ATTACKING STORAGE SERVICES (AWS, AZURE, GCP)
- Exploring files in storage
- Exploring SAS URLs in Azure
- Achieving privilege elevation via secrets in Storage
- Remote Code Execution via storage in PaaS, FaaS environments
ATTACKING AZURE AD ENVIRONMENT
- Enumeration in Azure AD
- Various Azure Services
- Azure Service exploitation
- Stealing secrets from Azure services
IAM MISCONFIGURATION ATTACKS
- Exploiting Shadow admins in AWS and Azure
- Attacking AWS Cognito misconfigurations
EXPLOITING PLATFORM AS A SERVICE ENVIRONMENTS (AWS BEANSTALK AND OTHERS)
POST-EXPLOITATION
- Persistence in Cloud
- Post exploit enumeration
- Snapshot access
- Backdooring the account
CONTAINERS AS A SERVICE AND K8S EXPLOITATION
- Understanding how container technology works (namespaces, cgroups, chroot)
- From Docker to Kubernetes
- Identifying vulnerabilities in Docker images
- Exploiting misconfigured containers
- Exploiting Docker environments and breaking out of containers
- Exploring Kubernetes (k8s) environments
- K8s exploitation and breakouts
- Pivoting to host OS
DEFENDING CONTAINERS
- Container Image security basics
- Container Host security
DEFENDING K8S
- Authentication Methods and Configuration
- Native Authorization and Third Party Solutions
- Cluster Network Protections
- Monitoring K8s Environments
DEFENDING THE CLOUD ENVIRONMENT
- Identification of cloud assets
- Inventory Extraction for AWS, Azure and GCP
- Continuous inventory management
- Protection of Cloud Assets
- Principle of least privilege
- Control Plane and Data Plane Protection
- Financial Protections
- Cloud specific Protections
- Metadata API Protection
- Detection of Security issues
- Setting up Monitoring and logging of the environment
- Identifying attack patterns from logs
- Revisiting day 1 attacks via logs
- Real time monitoring of logs
- Monitoring in multi-cloud environment
- Response to Attacks
- Automated Defense techniques
- Cloud Defense Utilities
- Validation of Setup
AUDITING AND BENCHMARKING OF CLOUD
- Preparing for the audit
- Automated auditing via tools
- Golden Image / Docker image audits
- Auditing Kubernetes Environments using Opensource tools
- Windows IaaS auditing
- Linux IaaS Auditing
- Relevant Benchmarks for cloud
CTF to reinforce learning
Prerequisites
Who Should Take This Class?
Cloud Administrators, Developers, Solutions Architects, DevOps Engineers, SOC Analysts, Pen Testers, Network Engineers, security enthusiasts and anyone who wants to take their skills to the next level.
Prior pen testing experience is not a strict requirement, however, some knowledge of Cloud Services and common command line syntax will be greatly beneficial.
You will need:
You must bring your own laptop, have admin/root access on it, and have virtualization software (VirtualBox / VMware) pre-installed. A customized version of Kali Linux (OVA format) containing custom tools, scripts and VPN scripts for the class will be provided to you. Your laptop should have at least 4 GB RAM and 20 GB of free disk space dedicated to the VM.
Course Information
You can download a copy of the course information below.
In addition you will also be provided with a student pack, handouts and cheat-sheets if appropriate.
Your Training Roadmap
Offensive Classes
Hacking training for all levels: new to advanced. Ideal for those preparing for certifications such as CREST CCT (ICE), CREST CCT (ACE), CHECK (CTL), TIGER SST as well as infrastructure / web application penetration testers wishing to add to their existing skill set.
Defensive Classes
Giving you the skills needed to get ahead and secure your business by design. We specialise in application security (both secure coding and building security testing into your software development lifecycle) and cloud security. Build security capability into your teams enabling you to move fast and stay secure.
Testimonials
"Very impressed with the lab environment. Course is packed with Information and exciting challenges. Excellent Content and in-depth presentation. Loved the practice timing and walk-through. The extended lab access is helpful to practice after the class."
Delegate, Black Hat USA
"GREAT CLASS."
Delegate, Hacking and Securing Cloud - Public Course
"I really appreciated being able to take my own time over the material in the lab."
Delegate, Hacking and Securing Cloud - Public Course
"It was a full 2 days and quite fast! I'm really keen to know more now."
Delegate, Hacking and Securing Cloud - Public Course
"It provided me with the latest Information Security research & development."
Delegate, Black Hat USA
"The training was fantastic, I'm sure I'll do the related webinars as well when I have the chance."
Delegate, Hacking and Securing Cloud - Public Course