Cloud Security Training

... > Training Courses > Cloud Security Training

Cloud Security Training

Many organizations are adopting cloud services to complement their production infrastructure. The number of cloud services that are offered is constantly increasing and includes options such as web servers, SQL servers, virtual machines, and office productivity tools. Many of these cloud-based resources are connected directly to an organization’s production infrastructure.

How do you address the security of your cloud infrastructure? How to ensure your security is sufficient? Learn how a hacker thinks and how you should protect your cloud environment.

Many organizations approach cloud development in a similar manner as they would to traditional IT infrastructure. With cloud-based authentication being available to the public internet, a whole new attack surface emerges. This is especially notable when cloud is used to store sensitive data that is normally protected within the boundaries of a traditional IT environment. By learning you to think as a hacker, you can avoid many pitfalls in configuring your systems in the cloud securely.

Students will also be taught different techniques to escalate their privileges in a cloud environment and finally to compromise different services within the cloud environment.

Why should you attend?

  • Understand the basics of Cloud Security and Cloud Security Architecture
  • To be able to protect your Cloud and hybrid environment
  • Address common misconfiguration and vulnerabilities
  • Learn tips and tricks from experts in Cloud Security
  • To configure a more secure Cloud environment

Intended Audience

This training is suitable for:

  • Blue team members
  • Network administrators
  • Security testers
  • General security practitioners
  • Developers
  • Security management staff (recommended: day 1 only)
  • Non-technical staff with technical affinity (recommended: day 1 only)

Cloud infrastructure is constantly being adopted by organizations across the world. As cloud infrastructure is built and managed differently than on-premise infrastructure, security assessments must also be approached in a different manner. This course aims at demonstrating the new attack vectors that are presented when migrating to a new cloud environment, and to train red teamers and blue teamers alike to identify misconfigurations that can lead to cloud infrastructure compromise.

Required Skills & Expertise

This training is devised for technical personnel. A basic understanding of Linux and Windows command line and infrastructure is needed.


The duration of this training course is of two days but can be adapted for your company needs.

Day 1:

09:00 - 10:30 Cloud Strategic Understanding

  • How is the cloud different to a traditional environment
  • Different types of clouds
  • Cons and Pros of the Cloud
  • Cloud Security Basics

10:30 - 12:30 Cloud Architecture Basics

  • Cloud Architect security principles
  • Cloud Architect mindset

12:30 - 15:00 Cloud Security Elements/Tools

  • Common cloud security built-in tools (AWS focus)

15:00 CTF

  • At the end of the day we will perform a CTF event to reinforce what was learned in the course

Day 2:

09:00 - 10:30 Vulnerability Management

  • CIS benchmark
  • Cloud vulnerability scanners

10:30 - 12:30 Cloud Specific Vulnerabilities

  • How are cloud vulnerabilities different

12:30 - 14:00 Azure specific security

  • Azure specific infrastructure, vulnerabilities and architectures

14:00 - 14:30 Infra as a Code

  • How to find and assess vulnerabilities in IaC
  • What is IaC, benefits and challenges

14:30 - 15:30 Container/Kubernetes security introduction

  • Container and kubernetes introduction
  • Container and kubernetes security principle
  • Common tools for assessing containers and kubernetes

15:30 CTF

  • At the end of the day we will perform a CTF event to reinforce what was learned in the course

Learning Objectives

  • Understand the basics of Cloud Security and Cloud Security Architecture
  • Gain an insight in how critical vulnerabilities in a Cloud corporate infrastructure can be exploited
  • Learn the basics of how an effective vulnerability scan and a Cloud Penetration test can be performed in an enterprise environment
  • Learn how to think like a cloud hacker to be able to better protect your Cloud environment

In-Company Training

If you are interested in hosting this interactive and tailored training at your company, please let us know via the contact form, by telephone +31 (0)88 888 31 00 or email



Secura is a leading cybersecurity expert. Our customers range from government and healthcare to finance and industry worldwide. Secura offers technical services, such as vulnerability assessments, penetration testing and red teaming. We also provide certification for IoT and industrial environments, as well as audits, forensic services and awareness training. Our goal is to raise your cyber resilience.

Secura is a Bureau Veritas company. Bureau Veritas (BV) is a publicly listed company specialized in testing, inspection and certification. BV was founded in 1828, has over 80.000 employees and is active in 140 countries. Secura is the cornerstone of the cybersecurity strategy of Bureau Veritas.