Presentation on Cloud Security 101 - 2024
0 likes448 views
The document provides an overview of cloud security, targeting college students and freshers interested in the field. It covers the fundamentals of cloud computing, the necessity for cloud security, key areas, and important security practices. Additionally, it includes resources for further learning and future topics of interest in cloud security.
Presentation on Cloud Security 101 - 2024
- 2. • 14+ years of Experience • Security Architect, Tesco ➤ Security Head in Lifesight for 2.5 years ➤ India Lead, AppSec Team in Epam • Application Security and • Cloud Security • Programming: Perl, Python • Areas of Interest: Learning and teaching concepts on DevSecOps, Cloud Security & Security Automation Sanjeev Jaiswal (jassi) 2
- 3. What we will cover • For whom this session is (awareness session) • Brief of Cloud Computing • Cloud Security Overview • What covers under cloud security • Job pro fi le categories • Learning references • What’s Next 3
- 4. Key Audience • College Students • Freshers (0-2 years) • Want to switch into Cloud Security • Interested in Cloud Security • Curious what’s there in Cloud Security 4
- 5. What we will cover • Quick recap of Cloud Computing - 5 mins. • Service model and Deployment model - 5 mins. • Why we need Cloud Security - 5 mins. • Cloud Security Fundamentals - 30 mins. • What’s Next - 5 mins. • Q&A - 10 min. 5
- 6. Cloud Computing is the use of computing services like servers, storage, databases, networking, software, analytics, intelligence and many more over the Internet (“the cloud”) 6
- 7. Why we need cloud computing at all? • Better Availability • Higher durability • Secured? • Economical • Compliant • Go live in a minute 7
- 8. Advantages of Cloud Computing • Pay as you go • Resilient • Scalable • Economical • Enhance Productivity, Performance and • Security 8
- 10. Cloud Computing Service Model • IaaS - Digital Ocean, Rackspace, GCE, Amazon EC2 • PaaS - Beanstalk, Heroku, Google App Engine • SaaS - Gmail, Facebook, Dropbox, Wordpress, O ffi ce365 • XaaS - Database as a Service, Security as a Service, Malware as a Service (VMware AppDefense) 10
- 12. 12
- 13. 13
- 14. 14
- 15. 15
- 16. Why we need cloud security ✴Cloud computing is being used for more than two decades. Still, several businesses fi nd security as a challenge to handle. • Everyone is in Cloud now a days • It’s shared responsibility • Still new, so more to explore • Multi tenancy make things more attack prone • Service Providers are not macho man • Data Security is a big concern • and many more … 16
- 17. 17
- 18. Cloud-Native Security vs Hybrid Cloud Security • Door with built-in lock • CCTV camera • You need both for better security 18
- 19. Security in the cloud consists of 4 areas: • Data Protection • Infrastructure Protection • Privilege Management • Detective Controls 19 Most Crucial aspects of Cloud Security
- 20. • It’s a shared responsibility • IAM: Principle of Least Privilege • Network Security • Application Security • Data Security 20 Cloud Security Dissection • Logging and Monitoring • Cloud Security Automation • Backup and Disaster Recovery • Cloud Compliance and Governance • Threat Detection and Response
- 21. Logging • Whom to give log access • What to Log • Where to store • Log Duration • Secured Cloud Logging Service - sumologic, alertlogic • Cloudtrail, Cloudwatch, VPC fl ow logs in AWS 21
- 22. Alert & Monitoring • Trigger point • What to monitor • At what frequency • How much possibility through Automation? • Alert response mechanism • IR Mechanism 22
- 23. • AWS EC2 • AWS IAM • Amazon S3 • VPC • Lambda • Route53 • Load Balancer 23 • API Gateway • CloudTrail • Amazon RDS • Cloudfront AWS essential services
- 24. • AWS IAM • KMS • AWS CloudTrail • AWS Con fi g • AWS GuardDuty • AWS Macie • Amazon Inspector 24 • AWS Shield • AWS WAF • Trusted Advisor • AWS Security Hub • Amazon Cognito • Pacu, Prowler, Cloud Custodian, Cloudcheckr, Tenable, and so on… AWS Security services and tools
- 25. Summary 25
- 26. • Understand basics of cloud computing • Get familiar with linux commands, cli, computer networks • Create a free tier account with AWS/GCP/Azure • Make yourself comfortable with essential services • Make a good grip on cloud native security services • Hands-on is everything • Read o ffi cial documentation for better understanding 26
- 27. 27
- 28. What’s Next 28
- 29. • Advanced Network and Infra Security • SIEM in Cloud • CSPM vs CASB (also check CWPP) and now CNAPP • Cloud Security Threats • CSA and NIST standards • Data Governance and Compliance • Security Automation : • Cloudformation, Terraform, Pulumi etc. • Security in CI/CD -> DevSecOps (Hotshot) 29
- 30. References & Credits • Basics of Cloud Security • Cloud Services Explained by IBM • Awesome AWS Security • Cloud Computing Courses from Acloud.guru • AWS Security Study Plan • AWS Security Interview Questions • Cybersecurity in the Cloud Specialization (Coursera) • Secure Cloud Architecture 30
- 31. My Social Channels 31 linkedin.com/in/jassics twitter.com/jassics github.com/jassics cybercloud.guru
- 32. 32 For further queries, please feel free to contact me at jassics@gmail.com WhatsApp Group (Cybercloud Learning): https://chat.whatsapp.com/ HYOMBR0edCm4L2ej3lcPmn
- 33. 33