Intro to AWS Pentesting

Overview

Amazon Web Services is the leading cloud platform in the world today hosting services and resources to some of the largest companies and organizations. While Amazon provides the highest levels of security to their customers, security issues and data breaches still can and do occur. One of the best courses of action you can take to ensure your AWS resources and assets is to find security issues before they become incidents and Penetration Testing can help you do just that. This course is for the AWS admin, Security Admin, Penetration Tester, or anyone interested in gaining experience with finding and exploiting security flaws in the AWS environment at an introductory level. We will start by working through some of the relevant basic AWS concepts and skills. Next we will explore useful administrative and security tools specific to AWS. Finally, we will apply our skills and tools against a variety of AWS specific challenges, giving us a 'hands-on' experience with real-world AWS security issues.
Intro to AWS Pentesting Overview
In this episode, we will discuss the intended audience, purpose, scope, and structure of this 'Intro to AWS Pentesting' series.
Clock icon0h 4m
You're watching ITPro TV. [MUSIC] Hey there, I'm your host Sophia Goodwin, and I'm here with Mr Daniel Lowrie. We're gonna tell you a little bit about the wonderful world of this course that we've got called intro to AWS Pen Testing, Daniel, are you ready for this? I am ready for this. I've been ready for this. I was born ready for this. My typing skills might not be ready for this but we will struggle through and learn some interesting things. This will be a lot of fun. He's gonna be our subject matter expert for this course. Daniel, can you give us a little bit of information about your background, why you are qualified? Sure, how am I qualified to teach you this? Great question. Well, here's the thing. I've been doing IT for a hot minute now, over 20 years. At this point I've got industry recognized certifications and systems and networking. I've done security for at least the last five years as my focus in my job role. So focusing mostly on Red Team security, Pen Testing, ethical hacking, those types of things. So that definitely gives me a leg up with what we're gonna do today. And as well as I have some background in AWS as well, and I thought what better thing to do than marry the two things together and teach you good folks out there what we can do, what we're looking for when we're doing a Cloud Pen Test against the cloud platform itself. So it should be a good time. I suppose I can accept those qualifications. I suppose you meet the qualifications. So if somebody's looking at taking this course, why should they do that? Well, if you are already in the Pen Testing Red teaming sphere or even if you're a defender and wanna have a better grasp on what you can do to try to secure your AWS environments, this is all for you, right? So you got that background, you already work in AWS, you understand a bit about ABS. You've dealt with it or maybe that's the platform that your organization is using on a day to day. And you thought, I wonder if there's any security problems. We should probably look into that. This is what's up. So if you've got some Pen Testing background, you've got some offensive type of security background or even blue team defensive type of background, this is gonna be for you. Cuz then you're gonna be able to take those skills and things that you learned, apply that to the AWS environment and see if you can find some security flaws that might lead to a very bad day for you. Hopefully plug those holes before they become an issue. Well, that's as good a reason as any, in my opinion. So, what is gonna be the structure of this course? So the way we're gonna structure this course is we're gonna kind of take you from start to finish. Remember, this is an intro course. We're not getting too deep in the weeds. We're gonna take a look at some of the more basic elements. So if you've never really worked at AWS before specifically with the AWS CLI in the terminal area, we wanna get you familiarized with that as well as some of the tools. We're gonna kind of run down a couple of the tools that are useful for us, but mostly focusing on that AWS CLI is gonna be our bread and butter throughout this thing. We're gonna take a look at interesting tools though, that could be helpful in the long run. And then of course we're gonna use scenarios to help give us context and lab environment basically, for us to be able to attempt to work our way through these vulnerabilities that are common to the AWS world, right? So basically we're gonna start is learn a little bit about AWS, some of the basics in there, pick up a couple of tool sets and then jump in with vulnerabilities through scenario-based reinforcement to see how does that work out and how does that look in a real life scenario. Well, I'd love meet some scenario-based enforcements. So, I'm excited about that. Why are you excited about this course? Cuz it's fun, fun, fun. Can be a bit frustrating, not gonna lie because you got to kinda keep your cart and horse and chickens and eggs all in their right spot so that everything works correctly. If you make a little typos and as you'll see me do throughout the series, I am sure I'm not sinless perfection, I will make mistakes. But we'll work our way through those things and ultimately get to see some really cool stuff and learn about how AWS does things so that we can start to see maybe my environment has some of these vulnerabilities. That's what's exciting about it to me, is to be able to apply this to real world life and see if you can maybe find a problem before it is a problem. That was beautiful Daniel. Thank you. You've got me raring to go, I'm excited about this. So, thank you for joining us for our overview of this course and let's get ready to jump into the [UNKNOWN] world of intro to AWS Pen Testing. Thank you for watching ITPro TV. [MUSIC]

Learning Style

On Demand

Length of course

8h 47m
25 Episodes

Here are the topics we'll cover

  • Basic Concepts
  • Tools
  • Flaws
  • CloudGoat
Learning Options

Options for this course

Train your team
Stay ahead of the curve and future-proof your business with training programs designed for you.
Channel partners
Transform your experience and integrate with our unique evolving library of Audit, Cybersecurity, and Information Technology courses.
Individual learners
Learn at your own pace and get your certification training.