11. 当日の様子
Dave Shackleford (SANS Senior Instructor
& Consultant for Voodoo Security)
SEC545に関しては当日は満席
日本人は半数以下
その他は外国籍の方々
同時通訳あり
12. Intro and Basics
Cloud Security Alliance Guidance
Cloud Policy and Planning
SaaS Security
Intro to PaaS and IaaS Security Controls
SEC545.1: Cloud Security Foundations
13. Cloud Security: In-House versus Cloud
A Virtualization Security Primer
Cloud Network Security
Instance and Image Security
Data Security for the Cloud
Application Security for the Cloud
Provider Security: Cloud Risk Assessment
SEC545.2: Core Security Controls for
Cloud Computing
14. Cloud Security Architecture Overview
Cloud Architecture and Security Principles
Infrastructure and core component security
Access controls and compartmentalization
Confidentiality and data protection
Availability
SEC545.3: Cloud Security Architecture
and Design
15. Threats to Cloud Computing
Vulnerability Manager in the Cloud
Cloud Pen Testing
Intrusion Detection in the Cloud
Cloud IR and Event Manager
Cloud Forensics
SEC545.4: Cloud security - Offense and
Defense
16. Scripting and Automation in the Cloud
DevSecOps Principles
Creating Secure Cloud Workflows
Building Automated Event Management + Defensive Strategies
Tools, Tactics, and Use Cases
Class Wrap-Up
SEC545.5: Cloud Security Automation
and Orchestration
17. Exploring AWS
Cloud Contract Review
AWS+Docker
SecaaS
Hypervisor Security
VPCs and Network Controls
AWS Config
Secrets for Containers
S3 IAM
EC2 and IAM Roles
EC2 Systems Manager
Bastion Host Quick Start
Day1-Day5: Handson
Cloud Threat Modeling
AWS Inspector
Kali … as-a-Service?
Cloud CTF
Logs,logs,logs!
AWS CLI Automation
Ansible Basics
Ansible Roles and Security
AWS CloudFormation
AWS CloudWatch
Automating with AWS Lambda
・利用するクラウド環境は
すべてAWS
・一部、手元でHypervisor
SecurityとContractの確認を
行うものがあった。