Cloud Security
Secure cloud workloads: identity, network, data protection, and threat detection.
1. Shared Responsibility Model
Cloud security fundamentals and delineation of duties.
2. Identity and Access Management
IAM design, least privilege, roles vs users, MFA, and federation.
3. Network Security in Cloud
VPC security, security groups, NACLs, private subnets, and bastions.
4. Data Protection and Encryption
KMS, envelope encryption, key rotation, S3 security, and backups.
5. Monitoring and Detection
CloudWatch/CloudTrail, GuardDuty-style concepts, alerts, and SIEM.
6. Lab: Secure a Cloud Account
Harden IAM, lock down VPC, enable logging, and configure alerts.
7. Incident Response in Cloud
Playbooks, isolation, snapshotting, forensic capture, and recovery.
8. Assignment: Cloud Security Review
Audit an environment and deliver a remediation plan.
10. Cloud Identity Attack Paths
Understand privilege escalation and identity abuse paths in cloud environments and how to prevent them.
11. IAM Policy Design Patterns
Design practical least-privilege IAM policies with scoped permissions and separation of duties.
12. Lab: IAM Policy Hardening
Audit and rewrite permissive IAM policies, then validate access outcomes with test users.
13. Cloud Network Segmentation Strategy
Design secure VPC segmentation, route controls, and private service boundaries.
14. Public Exposure Risk Reduction
Identify and eliminate risky internet exposure for storage, compute, and admin surfaces.
15. Lab: External Exposure Audit
Discover publicly exposed resources and apply containment and remediation controls.
16. Data Encryption Architecture
Plan key hierarchy, rotation, and encryption boundaries for data at rest and in transit.
17. Secrets Management in Cloud
Use managed secret stores, access controls, and rotation policies for credentials and keys.
18. Lab: Key and Secret Governance
Implement secure key usage and secret rotation with policy-based access restrictions.
19. Cloud Logging and Audit Strategy
Define critical audit events and retention policy for reliable investigation readiness.
20. Threat Detection in Cloud Control Plane
Identify suspicious administrative behavior and high-risk changes in cloud environments.
21. Lab: Detection Rule Tuning
Tune cloud detection rules to reduce noise while preserving meaningful alerts.
22. Cloud Incident Response Operations
Build cloud-native response procedures for isolation, evidence collection, and service recovery.
23. Lab: Cloud Incident Walkthrough
Execute a mock cloud incident response from alert triage to recovery and reporting.
24. Security Posture Management and Benchmarks
Use benchmark frameworks and posture checks to drive continuous cloud hardening.
25. Capstone: Cloud Security Architecture Review
Produce a full security review covering IAM, networking, data protection, monitoring, and incident readiness.