$500 – $2,500

Multiple Dates

Cloud Security Training | 2nd Sight Lab | Seattle, Washington, USA

Event Information

Share this event

Date and Time



SURF Incubator

999 3rd Avenue

#Suite 700

Seattle, WA 98104

View Map

Refund Policy

Refund Policy

Refunds up to 30 days before event

Event description


Do you want to learn more about cloud security?

Perhaps you are seeking a security certification? Whether you are an auditor, software developer, IT professional, a security professional, or anyone comfortable running scripts on a computer who wants to know more about cloud security, this class is for you. On each day, we dive into different aspects of cloud security from managing security as a whole for an organization to specific cloud security services. The class covers AWS, Azure, and Google Cloud Platform security plus some SAAS, micro-services, and hybrid cloud architecture. You'll get a reinforcement of basic security knowledge and best practices along the way but in the context of how they apply to cloud. We've already taught this class to Cisco, large multi-national organizations, and employees of AWS premier partners.

Early registration discounts available - see tickets for details

Teri Radichel, your class instructor, has many years of cloud security experience, many SANS certifications, including a GSE, and formerly taught the SANS cloud security class. This new class is designed differently based on her real-world experience helping Capital One and other companies move to the cloud, on-going cloud security research, and her cloud security whitepapers on event-driven security automation, automated incident response, packet capture in the cloud, and balancing security and innovation. She speaks at many cloud security events like AWS re:Inforce, RSA, BSides, and others. She has a blog on cloud security, is on the IANS Faculty, and is a member of Infragard. You can see what she's up to and follow her on Twitter @teriradichel.

You can register for one day of class, or all five days but please note the dates are Mondays each week for five weeks. If you would like to attend all five days consecutively, I offer the class to companies in person in that format for a minimum of 10 people. People from multiple companies can participate if sponsored by a single organization. Connect with me on LinkedIn to find out more about that option.

This class has hands-on labs. If you don't like running scripts and typing in web consoles then you can follow along anyway, but the labs are a good portion of the class, along with some lecture. The labs work for varying levels of experience, so if you're a beginner or familiar with DevOps, it's OK! You will need to bring a laptop with the ability to connect to wi-fi in the classroom and your own cloud accounts. You'll be provided instructions to set up accounts a few weeks in advance. You need to set up your accounts at least one week before class so we can prepare to provide you the materials for class. No, we are not going to hack your account, we simply share some information in the cloud and consider the related security. We suggest you create new accounts and do not use production accounts! Shared accounts and non-admin accounts may not be able to do all steps in every lab, but you'll still learn a lot.

Refunds up to 30 days prior to class. Your payment is non-refundable 30 days prior to September 9, 2019. We have to set up and pay for things in order to run the class so cannot afford to refund money after that date. You may transfer your registration to another person as long as pre-approved by 2nd Sight Lab.

Snacks are provided at breaks. Lunch is on your own. You can park in the building, but it is not free. Please refer to the Surf Incubator web site for more information.

Questions? Please connect on LinkedIn.

Day 1: Cloud Security Strategy

September 9th, 9 a.m. - 5 p.m.

Introduction to AWS, Azure, GCP, and automation. On day one, we set up the lab environments in AWS, Azure, and GCP and do some security automation. If you haven't used all three platforms before it's a good idea to start here. You'll also learn about costs and budgeting. If you already are familiar with the basics, we have some more advanced tasks along with the basic setup.

GRC: Security is a lot more than turning on cloud services! On this first day, we also cover GRC - Governance, Risk, and Compliance - but hopefully not in a boring, dry way. All it takes is one mistake in your environment to let the bad guys infiltrate your systems and network. Find out how to manage this risk and compliance to prevent mistakes like open S3 buckets and other configuration errors.

Top cloud threats. How is someone going to break into your cloud? What do you really need to be worried about based on what's happening to other companies in the industry?

Overview of Cloud Security Services. You'll get an overview of the cloud services available and an updated version of my chart comparing cloud security services on AWS, Azure, and GCP.

Day 2: Cloud Networking

September 16th, 9 a.m. - 5 p.m.

Networking, Networking, and more Networking! Day two is a full day of networking. Network security is so critical in the cloud because everything connects to everything. Your network can either be the source of Internet attacks, or a strategic way to reduce your attack surface and "pivoting" in your account. Proper network design can also help you spot attacks more effectively. What's the best way to connect from your on-premises environment to the cloud? What options does each cloud offer? How about SAAS applications connecting from everywhere - what can you do about that? Get real-world, hands-on experience with cloud networking services and monitoring tools. Learn to decipher what's going on in your cloud network logs.

Day 3: Data and Application Security

September 23rd, 9 a.m. - 5 p.m.

Data Security: Find out what options the cloud platforms offer in terms of data security. Learn about different types of encryption and encryption services in transit and at rest, PKI, IOT options, HSMs. Learn the pros and cons of managing your own keys versus using the services provided by the cloud platform. Use encryption to protect your data wherever it is stored - on disks, in new types of cloud storage like S3 buckets, and databases hosted in the cloud. Leveraging DLP (data loss prevention) tools to protect your data. Learn how to protect and rotate secrets and SSL certificates - so they don't take down your applications when you forgot they were about to expire!

Application Security and Monitoring: Learn how to manage your virtual machines securely - things like patching in a new cloudy way. Of course, we must cover containers and serverless technologies, along with related threats and benefits. Learn about some of the cloud vendor tools and options. We'll talk about API, IOT, and application storage security. We briefly cover application security basics like the OWASP top 10 (not complete coverage as that alone could be a five-day class), but application security is still critically important in the cloud and a primary attack vector. We'll also cover things the many types of logging available to monitor your application security. Learn about different types of agents and monitoring that can help you with vulnerability assessments and monitoring for top cloud threats.

Day 4: IAM, DevOps, and Multi-Cloud

September 30th, 9 a.m. - 5 p.m.

IAM: Stolen credentials is one of your most significant risks in the cloud. On day four, we look at how you can better protect your account with IAM policies, MFA, and other strategies like segregation of duties. We cover IAM from multi-cloud and multi-account perspectives as well since so many companies are moving to a multi-cloud environment. Your IAM strategies are critical for balancing security and innovation when creating your cloud access model. We also cover IAM in a micro-services environment.

DevOps: On day one, we covered what security is from an organizational perspective at its core - GRC. On Day four, we get into the nuts and bolts of how you can implement GRC in the cloud by leveraging your DevOps pipeline and security automation. We want to get security into the flow of how developers work to prevent problems in advance but still let people get things done, and catch them in an automated fashion after the fact.

Multi-Cloud: We'll also cover some strategies for multi-cloud deployments and multi-cloud security tools.

Note: No class on October 7th as I will be keynote speaker for ISACA in Quebec, Canada.

Day 5: Attack + Defend

October 14th, 9 a.m. - 5 p.m.

Day five is a culmination of everything you've learned! We'll put some of these concepts into practice.

Disaster Recovery and Business Continuity: Now that you understand cloud architectures, tools, deployments, and automation, we can talk about exciting new ways to handle DR and BCP.

Architecture and Threat Modeling: Put all the pieces together in an exercise designed to use all the cloud services based on the infomration you learned in days one through four to prevent a data breach.

Pentesting and Assessments: Using the information you learned about best practices for cloud security on prior days and application security issues, we'll do a cloud assessment, and you'll learn the fundamentals of pentesting and apply them to the cloud.

Incident Handling: Using all the information you learned on prior days - how the cloud platforms work, what attackers do, and how to review logs, we'll look at an incident and try to decipher what happened! Learn the essential steps of incident handling and some incident handling tools you can use in the cloud.

Copyright 2019. 2nd Sight Lab, LLC. All rights reserved.

Share with friends


SURF Incubator

999 3rd Avenue

#Suite 700

Seattle, WA 98104

View Map

Refund Policy

Refunds up to 30 days before event

Save This Event

Event Saved