Intro to AWS Pentesting
Overview
Amazon Web Services is the leading cloud platform in the world today hosting services and resources to some of the largest companies and organizations. While Amazon provides the highest levels of security to their customers, security issues and data breaches still can and do occur.
One of the best courses of action you can take to ensure your AWS resources and assets is to find security issues before they become incidents and Penetration Testing can help you do just that.
This course is for the AWS admin, Security Admin, Penetration Tester, or anyone interested in gaining experience with finding and exploiting security flaws in the AWS environment at an introductory level.
We will start by working through some of the relevant basic AWS concepts and skills.
Next we will explore useful administrative and security tools specific to AWS.
Finally, we will apply our skills and tools against a variety of AWS specific challenges, giving us a 'hands-on' experience with real-world AWS security issues.
Intro to AWS Pentesting Overview
In this episode, we will discuss the intended audience, purpose, scope, and structure of this 'Intro to AWS Pentesting' series.
0h 4m
You're watching ITPro TV.
[MUSIC]
Hey there,
I'm your host Sophia Goodwin, and
I'm here with Mr Daniel Lowrie.
We're gonna tell you a little bit about
the wonderful world of this course that
we've got called intro to AWS Pen Testing,
Daniel, are you ready for this?
I am ready for this.
I've been ready for this.
I was born ready for this.
My typing skills might not be ready for
this but we will struggle through and
learn some interesting things.
This will be a lot of fun.
He's gonna be our subject
matter expert for this course.
Daniel, can you give us a little bit
of information about your background,
why you are qualified?
Sure,
how am I qualified to teach you this?
Great question.
Well, here's the thing.
I've been doing IT for
a hot minute now, over 20 years.
At this point I've got industry recognized
certifications and systems and networking.
I've done security for at least the last
five years as my focus in my job role.
So focusing mostly on Red Team security,
Pen Testing, ethical hacking,
those types of things.
So that definitely gives me a leg
up with what we're gonna do today.
And as well as I have some
background in AWS as well, and
I thought what better thing to do than
marry the two things together and
teach you good folks out there what
we can do, what we're looking for
when we're doing a Cloud Pen Test
against the cloud platform itself.
So it should be a good time.
I suppose I can accept
those qualifications.
I suppose you meet the qualifications.
So if somebody's looking at taking
this course, why should they do that?
Well, if you are already in
the Pen Testing Red teaming sphere or
even if you're a defender and wanna
have a better grasp on what you can do
to try to secure your AWS environments,
this is all for you, right?
So you got that background,
you already work in AWS,
you understand a bit about ABS.
You've dealt with it or
maybe that's the platform that your
organization is using on a day to day.
And you thought,
I wonder if there's any security problems.
We should probably look into that.
This is what's up.
So if you've got some
Pen Testing background,
you've got some offensive type
of security background or
even blue team defensive type of
background, this is gonna be for you.
Cuz then you're gonna be able to take
those skills and things that you learned,
apply that to the AWS environment and
see if you can find some security flaws
that might lead to a very bad day for you.
Hopefully plug those holes
before they become an issue.
Well, that's as good a reason as any,
in my opinion.
So, what is gonna be
the structure of this course?
So the way we're gonna structure this
course is we're gonna kind of take you
from start to finish.
Remember, this is an intro course.
We're not getting too deep in the weeds.
We're gonna take a look at some
of the more basic elements.
So if you've never really worked at AWS
before specifically with the AWS CLI in
the terminal area,
we wanna get you familiarized with
that as well as some of the tools.
We're gonna kind of run down a couple of
the tools that are useful for us, but
mostly focusing on that AWS CLI
is gonna be our bread and
butter throughout this thing.
We're gonna take a look at
interesting tools though,
that could be helpful in the long run.
And then of course we're gonna use
scenarios to help give us context and
lab environment basically, for
us to be able to attempt to work our way
through these vulnerabilities that
are common to the AWS world, right?
So basically we're gonna start
is learn a little bit about AWS,
some of the basics in there,
pick up a couple of tool sets and
then jump in with vulnerabilities through
scenario-based reinforcement to see
how does that work out and how does
that look in a real life scenario.
Well, I'd love meet some
scenario-based enforcements.
So, I'm excited about that.
Why are you excited about this course?
Cuz it's fun, fun, fun.
Can be a bit frustrating,
not gonna lie because you got to kinda
keep your cart and horse and chickens and
eggs all in their right spot so
that everything works correctly.
If you make a little typos and
as you'll see me do throughout the series,
I am sure I'm not sinless perfection,
I will make mistakes.
But we'll work our way through those
things and ultimately get to see some
really cool stuff and learn about how
AWS does things so that we can start
to see maybe my environment has
some of these vulnerabilities.
That's what's exciting about it to me,
is to be able to apply this to real world
life and see if you can maybe find
a problem before it is a problem.
That was beautiful Daniel.
Thank you.
You've got me raring to go,
I'm excited about this.
So, thank you for joining us for
our overview of this course and
let's get ready to jump into the [UNKNOWN]
world of intro to AWS Pen Testing.
Thank you for watching ITPro TV.
[MUSIC]
Learning Style
On Demand
Length of course
8h 47m
25 Episodes
Here are the topics we'll cover
- Basic Concepts
- Tools
- Flaws
- CloudGoat
Learning Options
Options for this course
Train your team
Stay ahead of the curve and future-proof your business with training programs designed for you.
Channel & Reseller
Transform your experience and integrate with our unique evolving library of Audit, Cybersecurity, and Information Technology courses.
Individual learners
Learn at your own pace and get your certification training.