Public Exposure Risks: Are Your Tools Catching Everything?
SANS Cloud Security
The most trusted source of cloud security training, certification, and research.
“As a cloud security professional, you are challenged with supporting the security of a large cloud footprint that is managed by different development teams who have different needs, approaches, and experience. If you have had a cloud platform for a while, then you may be seeing its security posture showing its age. It can be especially difficult to see access gaps in your identity and access management (IAM) policies, 3rd party access, or overly permissive resources.
AWS provides a cloud native tool called the “IAM Access Analyzer” which is tended to be used for identifying least privilege problems. However, Jonathan Walker of Security Runners does a great job of laying out how effective it is at identifying exposed resources across all the AWS resources it covers. It's a great tool to add to the toolbox for auditing and understanding what your exposure is across your cloud footprint.”
Shaun McCullough, SANS Certified Instructor
Free Upcoming Workshops and Events
Join Live Tuesday, October 15! API Security Flight School | Aviata Cloud Hands-on Workshop
FREE Tuesday, October 15 | 10am ET | 1400 UTC
Join esteemed SANS faculty members Dr. Johannes Ullrich and Jason Lam and gain practical, hands-on experience to better understand common cloud attacks and explore effective defense strategies that you can use to secure your APIs today - backed by insights from SEC522: Application Security: Securing Web Applications, APIs, and Microservices
The adventures of the Aviata Cloud company and our SANS Cloud Security workshop series will run monthly from April through December 2024.
Read the Aviata Cloud Storyline
Explore the upcoming free monthly workshop technical topics at sans.org/workshops
Each workshop is independent of the others, so participate in one, some, or all.
Critical Vulnerability Spotted in Microsoft Defender: What you Need to Know | Free Webcast
October 16 | 11am ET | 1500 UTC
Join Brandon Evans as he discusses widespread issues with cross-cloud integrations and how to proactively protect your organization regardless of the CSPM that you employ.
Spooky Scary Lambda Attacks | Free Webcast
October 30 | 10:30am ET | 1430 UTC
Join Shaun McCullough on October 30th and uncover the chilling ways attackers can exploit misconfigured AWS Lambda functions to haunt your cloud environments. Gain actionable insights to effectively audit your Lambda deployments and learn how to explore eerie telemetry trails that reveal lurking threats all in this Halloween themed webcast!
Additional Cloud Security Threat Detection Content
Available OnDemand
Join Shaun McCullough in exploiting the vulnerabilities of a Kubernetes cluster before making use of AWS’s logging and telemetry tools to detect and investigate your own cloud intrusion.
Finding Sherlock: Cloud Attack and Detect | Poster
Learn to attack and detect using real-world techniques with insights from MITRE ATT&CK, OWASP, and essential Azure and AWS logs with this Sherlock Holmes themed poster.
Cloud Security Threat Detection | SEC541
Cloud infrastructure offers exciting new services to meet customer demands but also brings challenges, especially in managing cloud-native logs, fast development cycles, and evolving threats. Secure operation requires new tools and approaches for better visibility, data capture, and effective analysis to accurately identify legitimate threats within the organization's context.
Did you know that any SANS Alumni of SEC541 can take it at anytime in the future for 50% off? Email [email protected] for more information.
"I would recommend SEC541 to any cloud security stakeholder that wants to empower all the security tools companies have in order to improve detection, understand protection, and overall increase their security level." - Veronique D, SEC541 Student
GIAC Cloud Threat Detection | GCTD
The GIAC Cloud Threat Detection (GCTD) certification validates a practitioner's ability to detect and investigate suspicious activity in cloud infrastructure. Covering areas such as cloud attack detection, cyber threat intelligence, and secure cloud configuration in AWS and Azure, this certification is a must-have for security analysts, engineers, architects, and incident responders.
Looking to get into Cloud Detection and Response? Here's how:
Learn More About SANS Cloud Ace Training Paths
Visit the SANS Cloud Security Curriculum Page | Preview SANS Courses | Connect with Our Solutions Team | Join the SANS Community