Cloud Security, Offensive Security, Defensive Security, Governance, Risk & Compliance

CA304: Cloud Security

  • Flexible Schedule

Course authored by:

Perparim Mjeku, Rinor Shehu, Altin Gashi

Pay now

29 Hours of Instruction

Includes lectures, guest speakers, and Q&A sessions

Hands-on
labs

18 Labs

Live Online or On-Demand Access

Join weekly synchronous sessions or access all material and recorded lectures anytime

Intermediate Level

Developing practical skills and deepening understanding of core concepts

Course Materials

Available after purchase

Course Overview

Cloud security is not about trusting the provider it is about understanding responsibility boundaries and defending what remains exposed. In four focused sections, the course builds practical capability in securing modern cloud environments across platforms like Amazon Web Services and Microsoft Azure. You will cover core concepts including cloud architectures, service models (IaaS, PaaS, SaaS), and the shared responsibility model. The course focuses on identity and access management (IAM), secure networking, and data protection. You will analyze risks such as misconfigurations, identity abuse, and distributed attack surfaces. Monitoring, logging, and incident response are applied in cloud-native scenarios. Expect hands-on work and high standards by the end, you will be able to secure cloud environments in real-world conditions.

What You’ll Learn

Develop the skills to design, assess, and secure cloud environments using industry practices

  • Understand cloud computing models (IaaS, PaaS, SaaS) and deployment types
  • Apply the shared responsibility model in cloud security
  • Configure and manage Identity & Access Management (IAM) securely
  • Analyze cloud architectures and identify potential attack surfaces
  • Secure cloud networking using VPCs, segmentation, and access controls
  • Detect and prevent misconfigurations in cloud environments
  • Implement logging, monitoring, and incident response strategies
  • Perform cloud penetration testing and vulnerability assessments
  • Understand container security (Docker & Kubernetes) in cloud ecosystems
  • Apply security best practices across platforms like AWS and Azure

Business Takeaways

Understand how cloud security directly impacts operational resilience and business success

  • Reduce risk of data breaches caused by cloud misconfigurations
  • Strengthen governance through proper identity and access controls
  • Improve compliance with industry regulations and security frameworks
  • Enhance visibility into cloud environments through monitoring and logging
  • Minimize downtime with resilient, secure cloud architectures
  • Protect sensitive data across distributed and scalable systems
  • Enable secure adoption of cloud technologies for business growth
  • Reduce financial and reputational damage from cloud security incidents

Syllabus: 4 Sections to Transformation

The CA304 program drops you into the world of cloud security, where infrastructure, identity, and risk intersect at scale. It spans everything from how cloud systems are built to securing, attacking, and governing them in real environments.

syllabus overview

download full syllabus

Justify Training to Your Manager

download the letter

section 1

FOUNDATIONS + CLOUD ARCHITECTURE

Focuses on cloud computing fundamentals, AWS architecture, IAM, networking, storage services, and serverless technologies to understand how modern cloud environments are built and secured.

TOPICS COVERED

  • Cloud computing models: IaaS, PaaS, SaaS, FaaS
  • Shared Responsibility Model (critical concept)
  • AWS fundamentals (accounts, regions, IAM basics)
  • Core services: S3, EC2, networking basics
  • SaaS architecture design (multi-tenancy, threat modeling)
  • API Gateway & AWS Lambda (serverless entry points)

LABS

  • Billing
  • EC2 instances
  • S3
  • IAM
  • Import VMDK file to AWS

section 2

DEFENSIVE SECURITY + GOVERNANCE

Focuses on cloud monitoring, logging, access control, incident response, and governance practices used to secure, audit, and manage cloud environments.

TOPICS COVERED

  • Cloud logging & telemetry (AWS CloudTrail)
  • Data protection (SSE-S3 vs SSE-KMS)
  • Access control (ACLs vs bucket policies)
  • Incident response in cloud environments
  • Security assurance methodology (CSR model)
  • Policy-as-Code & compliance frameworks

LABS

  • AWS CloudTrail
  • AWS CloudWatch
  • AWS ACLs and Bucket Policies
  • Cloudflare
  • AWS tunnel (Cloudflare tunnel)

section 3

OFFENSIVE SECURITY + CLOUD INFRASTRUCTURE

Focuses on cloud attack surfaces, misconfigurations, reconnaissance, penetration testing methodologies, and secure AWS infrastructure design in multi-account environments.

TOPICS COVERED

  • Cloud penetration testing rules & scope
  • Cloud attack surface & misconfigurations
  • Common vulnerabilities (S3 exposure, IAM abuse)
  • Reconnaissance in cloud environments
  • AWS Organizations & multi-account design
  • Landing zones and security guardrails

LABS

  • AWS CLI
  • SSRF vulnerability on EC2 instance
  • pacu
  • Prowler

section 4

MODERN CLOUD SECURITY + MULTI-CLOUD

Focuses on container, Kubernetes, and multi-cloud security concepts, including runtime risks, privilege escalation, network segmentation, and securing modern cloud-native environments.

TOPICS COVERED

  • Docker security (images, containers, runtime risks)
  • Kubernetes security (RBAC, API server, etcd risks)
  • Container escape & privilege escalation
  • Network segmentation (east-west traffic control)
  • Azure fundamentals (compute, networking, storage)
  • Multi-cloud security principles

LABS

  • Apache with PHP Dockerfile
  • Create a Lambda Function
  • Vulnerable Lambda
  • Containerization with Docker

Course Schedule
& Pricing

Looking for Group Purchase Options? See below

Next Start Date

March 5, 2026

Duration

14 Weeks Intensive

Format

Live with Zoom Meeting

What's Included

  • Hands-on Cyber Range Access
  • Expert Instructor-Led Training
  • Hands-on Cyber Range Access
  • Expert Instructor-Led Training

499€

Seats Filling Fast for January 2026

Location

Start Date

Start Time

Prishtina, Kosovo

March 20, 2026

10:30 AM (CEST)

Enlist now

Prishtina, Kosovo

April 15, 2026

4:30 PM (CEST)

Enlist now

Prishtina, Kosovo

May 10, 2026

11:00 AM (CEST)

Enlist now

Next Start Date

March 5, 2026

Duration

14 Weeks Intensive

Format

Live with Zoom Meeting

What's Included

  • Hands-on Cyber Range Access
  • Expert Instructor-Led Training
  • Hands-on Cyber Range Access
  • Expert Instructor-Led Training

499€

Seats Filling Fast for January 2026

Location

Start Date

Start Time

Prishtina, Kosovo

March 20, 2026

10:30 AM (CEST)

Enlist now

Prishtina, Kosovo

April 15, 2026

4:30 PM (CEST)

Enlist now

Prishtina, Kosovo

May 10, 2026

11:00 AM (CEST)

Enlist now

Next Start Date

March 5, 2026

Duration

14 Weeks Intensive

Format

Live with Zoom Meeting

What's Included

  • Hands-on Cyber Range Access
  • Expert Instructor-Led Training
  • Hands-on Cyber Range Access
  • Expert Instructor-Led Training

499€

Seats Filling Fast for January 2026

Location

Start Date

Start Time

Prishtina, Kosovo

March 20, 2026

10:30 AM (CEST)

Enlist now

Prishtina, Kosovo

April 15, 2026

4:30 PM (CEST)

Enlist now

Prishtina, Kosovo

May 10, 2026

11:00 AM (CEST)

Enlist now

Frequently Asked Questions

Mission-critical information for prospective operatives

What will I learn in this Cloud Security course?

You will learn how to secure cloud environments by understanding architecture, identity management, networking, and security operations. The course focuses on real-world platforms and teaches how to protect cloud-based systems in practical scenarios.

Basic knowledge of networking or IT is helpful, but the course starts with foundational cloud concepts and gradually introduces security practices, making it accessible for beginners while still valuable for professionals.

Most cloud breaches are caused by misconfigurations, weak identity access controls, and misunderstanding the shared responsibility model. This course teaches how to identify and prevent these common risks.

You will gain hands-on skills in Identity and Access Management (IAM), cloud networking, monitoring, incident response, and vulnerability assessment. The course emphasizes applying security controls in real cloud environments.

Cloud providers secure the infrastructure, but users are responsible for securing their data, access, and configurations. Misunderstanding this model is one of the main causes of cloud security failures, making it a critical concept for any cybersecurity professional.

0
    Your Cart
    Your cart is empty