Cloud Security Compact (3 days)

Cloud security know-how for the switch to the Azure cloud

The “Cloud Security Compact” seminar for the Azure cloud offers you a deep insight into the opportunities and risks of cloud use in just three days. You will learn which usage and deployment models are available and how you can assess and minimize potential risks. In addition to organizational security measures and guidelines, technical measures and procedures are also discussed in detail. Best practices for the security concept and examples of guidelines round off the seminar.

Your Benefit

Learn about the opportunities and risks of using the cloud and understand the underlying technical architecture.

Target

This course is aimed at

  • information security officers
  • risk managers
  • cloud architects

in companies who want to better understand the opportunities, but also the risks and threats of cloud use. The seminar is suitable for both beginners and advanced users.

Course Dates

Our hacking course "Cloud Security Compact" is currently only offered as an on-site company training. Please contact us for an offer and possible dates.

Your contact: Christian Gresser, cgresser[at]nesec.de

Agenda

Day 1

  • Why cloud services?
    • Opportunities in the cloud
  • Cloud definition by NIST
    • NIST SP 800-145
    • Broad network access
    • On-demand self-service
    • Rapid elasticity of resourcen
    • Measured service
    • Resource pooling
  • Cloud reference architectures
    • ISO 17789
    • ENISA
  • Responsibilities
    • Cloud provider
    • Cloud user/consumer
    • Cloud broker
    • Cloud auditor
  • Cloud service models
    • Infrastruktur as a Service (IaaS)
    • Platform as a Service (PaaS)
    • Software as a Service (SaaS)
    • Other, eg  Security as a Service (SECaaS)
  • Public, private and hybrid cloud models
  • information security in the cloud
    • CSA Security Guidance v4

Day 2

  • Risks of cloud services
    • ENISA cloud computing security risk assessment
    • Governance, risk, compliance (GRC)
    • Availability
    • Vendor lock-in
    • Personal data protection
  • Encryption in the cloud
    • Storage encryption
    • Transport encryption
    • Key management
  • Identity management
    • Multifactor authentication
    • Risk-based authentication
  • Basic building blocks
    • Compute
      • Virtual CPUs/cores
    • Network
      • Overlay networks
      • Storage networks
    • Storage
      • Object storage
      • Volume storage
      • Database storage
  • Virtualization
    • Hypervisors

Day 3

  • Container
    • Docker
    • Kubernetes
  • Serverless computing
  • Microsoft Azure
    • Introduction to Microsoft Azure
      • Azure virtual machines
      • Azure container instances
      • Azure Kubernetes service
      • Windows virtual desktop
    • Azure storage
      • Azure blob storage
      • Azure disk storage
      • Azure file storage
    • Azure security
      • Azure Entra ID identity protection (cloud only)
      • Azure Entra ID (authentication)
      • Azure information protection und Windows information protection
    • Microsoft 365
      • Office, Active Directory, cloud integration

Course Material

Each participant receives the course material (~ 350 pages) completely with training presentation and supplementary explanations completely in German language. In addition, you will receive all documents used and referenced for the creation of the seminar, provided they are freely available, as a cloud library for reference and in-depth study of individual topics.

Your Trainer

All our cloud seminars are conducted by experienced cloud specialists who contribute their years of experience to this course.