Hacking and Securing Cloud Infrastruture

1,125.00 +Iva

Dias: 2
Duração: 12 horas
Próxima Data: 11/02/2021 a 12/02/2021
Área: Cybersecurity
Certificação Associada: N/A
Local: Lisboa e Porto

*Curso disponível em Live Training

Quero inscrever-me
REF: NSSHSCI Categoria: Etiqueta:


Whether you are an Architect, Developer, Pentester, Security or DevOps Engineer, or anyone with a need to understand and manage vulnerabilities in a Cloud environment, understanding relevant hacking techniques, and how to protect yourself from them, is critical. This course covers both the theory a well as a number of modern techniques that may be used to compromise various Cloud services and infrastructure.

Prior pentest / security experience is not a strict requirement, however, some knowledge of Cloud Services and a familiarity with common Unix command line syntax will be beneficial.


Cloud Administrators, Developers, Solutions Architects, DevOps Engineers, SOC Analysts, Penetration Testers, Network Engineers, security enthusiasts and anyone who wants to take their skills to next level.

Prior pentest experience is not a strict requirement, however, some knowledge of Cloud Services and a familiarity with common command line syntax will be greatly beneficial.


Module 1: Introduction to Cloud Computing

  • What is cloud and Why it matters
  • Types of clouds and cloud services
  • What changes from conventional security models
  • Shared responsibility model (pizza as a service v2.0)

Module 2: Attacking Cloud Services

  • Conventional vs cloud infra assessment
  • Legalities around Cloud Pentesting
  • How to approach pentesting cloud services
  • Understanding Metadata API
  • Understand the attack surface in each type of cloud
  • Enumerating for cloud assets

Module 3: Gaining Entry in Cloud Environment

  • Lambda attacks
  • Web application Attacks
  • Exposed Service ports

Module 4: Attacking Specific Cloud Services

  • Storage Attacks
  • Azure AD Attacks
  • Financial Attacks
  • IAM Attacks : Shadow admins
  • Dormant assets
  • Google Dorking in Cloud Era

Module 5: Post – Exploitation

  • Maintain access after the initial attack
  • Post access asset enumeration
  • Extracting secrets from Snapshot access

Module 6: Defending the Cloud Environment

  • Setting up Monitoring and logging of the environment
  • Catching attacks using monitoring and logging
  • Metadata API Protection

Module 7: Host base Defences for IaaS

  • Windows server auditing
  • Linux Server Auditing

Module 8: Auditing and benchmarking of Cloud

  • Prepare the environment for the audit
  • Automated auditing using open source tools
  • Golden Image / Docker image audits
  • Relevant Benchmarks for cloud
  • Continuous inventory monitoring
  • Continuous monitoring to Detect changes in cloud environment


Students must bring their own laptop and have admin/root access on it. The laptop must have a virtualization software (virtualbox / VMWare) pre installed. A customized version of Kali Linux (ova format) containing custom tools, scripts and VPN scripts for the class will be provided to the students. The laptop should have at least 4 GB RAM and 20 GB of free disk space dedicated for the VM.

Outras datas

05/04/2021 a 06/04/2021

14/06/2021 a 15/06/2021