Cloud Security 101 2024

Uploaded by

setuking1
Cloud Security 101

Sanjeev Kumar Jaiswal

Sanjeev Jaiswal (jassi)
• 14+ years of Experience
• Security Architect, Tesco
➤ Security Head in Lifesight for 2.5 years
➤ India Lead, AppSec Team in Epam
• Application Security and Cloud Security
• Programming: Perl, Python
• Areas of Interest: Learning and teaching concepts on DevSecOps, Cloud Security & Security Automation

What we will cover

• Who this session is for (awareness session)
• Cloud Computing in brief
• Cloud Security Overview
• What comes under cloud security
• Job profile categories
• Learning references
• What’s Next

Key Audience

• College Students
• Freshers (0-2 years)
• Want to switch into Cloud Security
• Interested in Cloud Security
• Curious what’s there in Cloud Security

What we will cover

• Quick recap of Cloud Computing - 5 mins.
• Service model and Deployment model - 5 mins.
• Why we need Cloud Security - 5 mins.
• Cloud Security Fundamentals - 30 mins.
• What’s Next - 5 mins.
• Q&A - 10 mins.

Cloud Computing is the use of computing services like servers, storage, databases, networking, software, analytics, intelligence and many more over the Internet (“the cloud”).

Why do we need cloud computing at all?

• Better Availability
• Higher durability
• Secured?
• Economical
• Compliant
• Go live in a minute

Advantages of Cloud Computing
• Pay as you go
• Resilient
• Scalable
• Economical
• Enhance Productivity, Performance and Security

Cloud Computing Deployment Model

Cloud Computing Service Model

• IaaS - Digital Ocean, Rackspace, GCE, Amazon EC2
• PaaS - Beanstalk, Heroku, Google App Engine
• SaaS - Gmail, Facebook, Dropbox, Wordpress, Office365
• XaaS - Database as a Service, Security as a Service, Malware as a Service (VMware AppDefense)

Cloud Security Basics

Why we need cloud security

✴ Cloud computing has been in use for more than two decades. Still, several businesses find security a challenge to handle.

• Everyone is in the cloud nowadays
• It’s a shared responsibility
• Still new, so more to explore
• Multi-tenancy makes things more attack-prone
• Service providers are not macho men
• Data security is a big concern
• and many more …

Cloud-Native Security vs Hybrid Cloud Security

• Door with built-in lock
• CCTV camera
• You need both for better security

Most Crucial aspects of Cloud Security

Security in the cloud consists of 4 areas:

• Data Protection
• Infrastructure Protection
• Privilege Management
• Detective Controls

Cloud Security Dissection

• It’s a shared responsibility
• IAM: Principle of Least Privilege
• Network Security
• Application Security
• Data Security
• Logging and Monitoring
• Cloud Security Automation
• Backup and Disaster Recovery
• Cloud Compliance and Governance
• Threat Detection and Response

Logging

• Whom to give log access to
• What to log
• Where to store
• Log duration
• Secured cloud logging services - Sumo Logic, Alert Logic
• CloudTrail, CloudWatch, VPC flow logs in AWS

Alert & Monitoring

• Trigger point
• What to monitor
• At what frequency
• How much is possible through automation?
• Alert response mechanism
• IR mechanism

AWS essential services
• AWS EC2
• AWS IAM
• API Gateway
• Amazon S3
• CloudTrail
• VPC
• Amazon RDS
• Lambda
• CloudFront
• Route 53
• Load Balancer

AWS Security services and tools
• AWS IAM
• KMS
• AWS CloudTrail
• AWS Config
• AWS GuardDuty
• AWS Macie
• Amazon Inspector
• AWS Shield
• AWS WAF
• Trusted Advisor
• AWS Security Hub
• Amazon Cognito
• Pacu, Prowler, Cloud Custodian, Cloudcheckr, Tenable, and so on…

Summary
• Understand the basics of cloud computing
• Get familiar with Linux commands, the CLI and computer networks
• Create a free tier account with AWS/GCP/Azure
• Make yourself comfortable with essential services
• Get a good grip on cloud-native security services
• Hands-on is everything
• Read the official documentation for better understanding

What’s Next
• Advanced Network and Infra Security
• SIEM in Cloud
• CSPM vs CASB (also check CWPP) and now CNAPP
• Cloud Security Threats
• CSA and NIST standards
• Data Governance and Compliance
• Security Automation:
• CloudFormation, Terraform, Pulumi etc.
• Security in CI/CD -> DevSecOps (Hotshot)

References & Credits
• Basics of Cloud Security
• Cloud Services Explained by IBM
• Awesome AWS Security
• Cloud Computing Courses from Acloud.guru
• AWS Security Study Plan
• AWS Security Interview Questions
• Cybersecurity in the Cloud Specialization (Coursera)
• Secure Cloud Architecture
My Social Channels
cybercloud.guru

github.com/jassics

twitter.com/jassics

linkedin.com/in/jassics

For further queries, please feel free to contact me at [email protected]
WhatsApp Group (Cybercloud Learning): https://chat.whatsapp.com/HYOMBR0edCm4L2ej3lcPmn