AWS Security Training

I provide 2 days of advanced, in-person, private training to companies on AWS security. This is useful for security teams securing own their AWS environments, incident responders, pentesters, developers, and more. This training is fast paced and densely packed.

These are some statements from those who have taken it:

Just finished a truly excellent AWS security training by @0xdabbad00. Well delivered, lean and super useful.Claudio Criscione
Cloud security is complex, and confusing the first time you look at it. Scott's AWS training was clearly structured, well-delivered, and helped me ramp up *way* more quickly than I could have on my own.Thomas Dullien (halvarflake)
If you're looking for *serious* AWS Security training @0xdabbad00 from @SummitRoute is your guy. Highly recommend considering this if your security teams are still scratching their heads on how to tame clouds, or believe they figured it all out.Karim El-Melhaoui
Content includes:
  • How I audit AWS environments and the types of issues I've found across the hundreds of AWS accounts I've looked at.
  • How AWS security tools work, their limitations, and what to look for when considering which ones to use. As the maintainer of two popular AWS security tools (CloudMapper and CloudTracker), I have expert knowledge of these areas.
  • How IAM and resource policies work and how to spot problems. I've found and helped fix many issues not only in client environments, but also with AWS's own policies and their documentation in this area.
  • What log sources exist on AWS, their limitations, and how to analyze them using tools like jq and Athena.
  • How to detect problems and attackers in real-time and how to do incident response.
  • What attack tools exist, techniques that can be used by attackers, and known security incidents of companies running on AWS.
  • What strategies and techniques can be used to run securely on AWS and avoid problems.
  • And more!

Training includes lecture and labs. Labs are done within my own AWS account. Students need only a laptop.

If you're interested in me providing your company with this training, reach out!