Cloud Computing Security

Learn Cloud Computing Security Best Practices

Cloud computing is the use of hardware and software resources that are delivered as a service typically over the Internet. It entrusts remote services with user's data, software and computation.

Although there are numerous business advantages and opportunities offered by cloud computing in terms of improved availability, scalability, flexibility etc., it is important to tap its business potential carefully. Securing the client data in the "cloud" must be the prime concern for the cloud service provider. Legal concerns over jurisdiction of client data in “cloud” needs to be addressed properly. This is because the stored data may not reside with service provider in its own data center or at a single location.

In this course, we shall first discuss the characteristics of cloud computing and later on focus specifically on cloud security’s best practices taking reference from industry standards like NIST, OWASP, Cloud Security Alliance etc. We then look into the broad set of policies, technologies, and controls deployed to protect client data, applications and infrastructure associated with cloud computing.

Who should attend?

  • Business Owners
  • Entrepreneurs
  • Senior Managers
  • Cloud solution providers
  • Business Analysts
  • Developers
  • Compliance managers
  • Security Enthusiasts

Course Contents

  • Introduction to cloud
  • History of Cloud Computing
  • Architectural Overview
  • Security Architecture
  • Terms & Terminologies
  • Cloud Deployment Types
    • Public Cloud
    • Private Cloud
    • Hybrid Cloud
    • Community Cloud
  • Service Model Types
    • Software As Service
    • Platform As Service
    • Infrastructure As Service
  • Some Real-world Cloud scenarios – Case Studies
  • Introduction to OpenStack
  • OpenStack services
  • Virtualization Concepts and security
  • Risk Assessment on Cloud Migration
  • Emerging Threats
  • Database Security
  • Network Security
  • Patch Management and configuration management
  • Application Security
  • Secure Software development lifecycle(SDLC)
  • SaaS and PaaS Based Application Penetration Testing
  • Design Appropriate Identity and Access Management (IAM) Solutions
  • Data Security
  • Data at Rest
  • Data at Motion
  • Encryption & Masking
  • Cloud Lock-in
  • Key management
  • Plan and Implement Data Retention, Deletion, and Archiving Policies
  • Privacy and Confidentiality Concerns
  • Auditing Methodologies in Cloud
  • Risk Management
  • Planning Disaster recovery and business continuity management for cloud
  • IAM architecture
  • Authentication and authorization standards
  • Federation
  • Intrusion detection and prevention in Cloud
  • AWS Cloud Trail
  • Forensics
  • Cloud Forensics Challenges
  • Microsoft OneDrive Cloud Storage Analysis
  • Dropbox Analysis
  • Google Drive Cloud Storage Analysis
  • OWASP Cloud Top 10 Security Risks
  • NIST Security Control
  • Cloud Security Alliance

Ethical Hacking Training

This course goes deep down into depths of networking, systems, web applications, actual exploitation & helps beginners to take their confident first step towards information security field.

  • 6 Weeks Comprehensive Training
  • Built by Experienced Professionals
  • Regularly update on tools, techniques in course content