Cloud Security Training
After teaching, consulting, and assisting hundreds of organizations with their move to the cloud and researching cyber-security in general, certain themes keep reoccurring. These themes are the basis and reason for 2nd Sight Lab's cyber-security classes. We want to make a difference in cyber-security and these classes are designed to do just that. To request more information or schedule a class at your company contact Teri Radichel on via LinkedIn or DM @teriradichel on Twitter. You may also leave a message at 206.909.8374.

2SL-3000
Cloud Security Architecture & Engineering

Security is everybody's responsibility in the cloud. This class has a mix of content that can apply to almost anyone within an organization with some technical aptitude. In many organizations, developers and IT staff were the first to move to the cloud, and security teams are trying to catch up from behind and secure the environment. At this point, challenges arise. Developers may not understand why security professionals want to implement things the way they do. Trying to retrofit security may slow things down and can cause conflict. On the other hand, security professionals need to understand cloud architectures and services and avoid deploying traditional security solutions that don't work well in the cloud.

This class aims to help security and development professionals come together to discuss challenges and implement solutions that minimize risk and maintain the ability to innovate. Explore security solutions that have worked for other companies as well as and new ideas and developments in cloud security architecture and engineering.

Security Professionals: Learn what the new things are that you need to secure in the cloud and how it relates to what you already know - the OSI model, threat modeling, risk assessments, data protection, monitoring, and more.

Developers and DevOps Engineers: Learn how to secure your cloud infrastructure and applications more effectively. Learn security lingo to help you converse with security professionals. Get a better understanding of cloud threats and risk, which extend beyond what you see in the cloud console and the cloud security services.

Technical Managers, Sales Engineers, and Executives: Learn high-level cloud strategy for securing your organization, combined with the chance to get hands-on in a low-risk environment. You'll want to be a bit tech savvy, but we designed the labs for people with different skill levels.

Prerequisites: This class presumes the student knows what the cloud is, but if you're not sure, here's Amazon's definition: What is Cloud Computing. Here's a publication from NIST (which you can get to once the US government re-opens): NIST Definition of Cloud.

Day 1: February 2nd ~ Cloud Security Strategy and Planning
  • Cloud architectures and impact on cyber security
  • Overview of cloud services
  • Introduction to automation on IAAS cloud platforms
  • Shared responsibility ~ and defined liability
  • Security fundamentals applied to the cloud
  • Certifications
  • Strategic planning for cloud security
  • Costs and budgeting
  • Governance
  • Risk
  • Compliance
  • Best practices and security frameworks
  • Policies, Exceptions and Chnage
  • How cyber-security may benefit from the cloud
  • How and when it won't
  • Evaluating third-party cloud providers
  • Overview of IAAS cloud security services
  • Malware and Data Breaches
  • The traditional kill chain
  • Newer attacks like ransomware, cryptominers, and more
  • Threat lists, research, and reverse engineering
  • Top cloud threats
  • Threat modeling for cloud
  • Cloud attack surface
  • Assessments versus penetration tests
  • Bug Bounties: pros and cons
  • Planning for a penetration test
Day 2: February 16th ~ Network Security
  • Network security
  • Why do we care?
  • OSI Model in the cloud
  • Cloud connectivity ~ the challenge
  • Network Design Considerations
  • Segmentation
  • Three-tier architecture
  • VPNs ~ different types
  • Other hybrid connectivity options
  • Bastion hosts and remote administration options
  • Shared Services - NTP, AD, DNS
  • Load balancers and cloud networking
  • Transit networks
  • Network logging options
  • Packet capture
  • IDS/IPS
  • CDNs
  • WAF
  • DDOS
  • Proxies
  • Firewalls
  • Networking considerations for different services
  • Architecture excercise
Day 3: March 2nd ~ Data and Application Security
  • Hypervisors and machine types
  • VMs
  • Operating Systems
  • AMIs and VM templates
  • Containers
  • Serverless
  • Encryption
  • Secrets
  • Databases
  • S3 buckets and similar services
  • Disk storage and boot drives
  • Other types of cloud storage
  • Application security
  • Load balancers
  • SSL/TLS Certificates
  • Microservices Architecture Security
  • API Security
  • IOT Security
  • PAAS and combined services
  • Evaluating new services and features
  • Third-party cloud services and tools
  • Where is all your data going?
  • CASBs and DLP
  • Architecture exercise
Day 4: March 9th ~ Access, Deployments, and Availability
  • IAM
  • MFA
  • Federation options
  • Multi-cloud environments
  • DevOps pipeline security architecture
  • Defending developers, DevOps engineers, and administrators
  • Embedded security tools
  • SAST, DAST, IAST, RASP
  • Segregation of Duties
  • Integrating security into DevOps
  • Process vs. technical controls
  • Manual vs. Automated
  • Supporting innovation
  • Evalulating new services and features
  • Account Structure
  • Network Structure
  • Hybrid and multi-cloud deployment strategies
  • Software design patterns applied to infrastructure code
  • Immutable vs. patching
  • Post-deployment monitoring
  • Integrated monitoring
  • Security data lakes
  • Risk and C-Level security reporting
  • Disaster recovery and business continuity
  • Architecture exercise
  • Where to go from here...
Day 5 ~ Red team - Blue Team Game Day!
  • Part 1: Architecture and Engineering
  • Part 2: Cloud Security Assessment and Remediation
  • Part 3: Pen Testing and Red Teaming and Remediation
  • Part 4: Cloud Incident Handling
  • Cloud Accounts: Although different types of cloud services are discussed and how to evaluate cloud services, the primary focus of the labs will be AWS, Azure, and some GCP. Students must use their own accounts to participate in the labs. Please set up your accounts at least 3 days prior to class. We can help organizations set up accounts for students.

    Format: This class is taught at a facility provided by an employer to DevOps, development, QA, IT, security, and management professionals.

    Cost: $2500 per student

    To schedule a class please reach out to Teri Radichel on LinkedIn.

    2SL-1000
    Cloud Security For Executives and Business Professionals

    A recent proposed law includes a prison sentence of up to 20 years for executives who fail to secure customer data and privacy. Although this law is extreme, new laws are undoubtedly coming that will require organizations to better secure sensitive data. Executives and business professionals need to understand and be able to assess cyber-security risks at their organizations. Based on the number of breaches in the news it is clear we need a change. Learn new trends and methods for improving cyber-security, where to invest, and how to get security problems fixed before your company appears in the headlines. Business professionals and executives don't need to be extremely technical or hands-on, but they need to understand the risks that cyber-security poses to their organization and their jobs. Although focused on cloud security, the principles in this class apply to any environment. This class can be a few hours up to one day and has no hands-on labs.

    To schedule a class please reach out to Teri Radichel on LinkedIn.
    Teri Radichel, CEO
    GSEC, GCIA, GCIH, GCPM, GCCC, GREM, GPEN

    @teriradichel
    LinkedIn
    AWS Hero
    IANS Faculty
    Infragard
    Difference Maker
    Public Speaker
    Security Certifications

    More about: Teri Radichel

    Comments From Students
    SHE ROCKS!! ...she is prepared, on point, knowledgeable and infinitely patient!

    Great Instructor! Very knowledgeable!!

    Knowledgeable. Engaging dialog in class.

    Excellent!!

    She is obviously an experienced instructor - she did extremely well!

    She has been a good instructor

    Teri did fine...she did well with the material.

    Very good real-world examples during presentation

    Good presentation - keep doing the same.

    Fantastic job.

    Keep doing what you're doing.

    Excellent. Very clear and understandable.

    doing very well

    Very good pace, explanations, real world examples.

    She is great

    Instructor was great...

    Teri did very well with a challenging group of wide levels of expertise.

    Great job and & real world examples!

    Appreciated the lab walkthroughs, loved the war stories and personal insights.

    great real world experience, references

    Good instructor. Very knowledgeable.

    Good delivery.

    Teri appears to be extremely smart with a lot of experience

    Great knowledge of subject matter. Great presentation.

    Instructor was clear and informative

    Very good

    AWESOME

    Great Instructor! Thank you very much for being patient! Lovely instructor

    Teri was extremely knowledgeable on all topics and constantly pulls in real life examples

    Teri is an excellent instructor and very knowledgeable.

    She is doing in a great job & bringing in real-world examples to support the material.

    She has been spectacular!

    The additional slides are very good and helpful!

    Very knowledgeable and skilled

    Enjoyed Teri's teaching style. She's funny, knows her craft + effective in delivery

    Keep doing your thing!

    206.909.8374 . @teriradichel . LinkedIn . Work . Certifications
    © 2018 2nd Sight Lab, LLC | Seattle, Washington