AWS Secure Builder Micro-Credential (SANS) Training Course

Course Title: AWS Secure Builder Micro-Credential (SANS) Training Course

Executive Summary

This two-week intensive course equips participants with the skills to build and secure applications and infrastructure on Amazon Web Services (AWS). Focused on the SANS Institute’s Secure Builder curriculum, the course covers foundational AWS security concepts, secure coding practices, infrastructure-as-code security, and incident response techniques. Through hands-on labs and real-world scenarios, attendees will learn to identify and mitigate common security vulnerabilities in AWS environments. The program emphasizes a ‘security-first’ approach, providing practical guidance on integrating security into every stage of the software development lifecycle. Participants will gain expertise in utilizing AWS security services and tools to build resilient and compliant systems. This course prepares individuals for the AWS Certified Security – Specialty certification and enhances their ability to develop and deploy secure solutions in the cloud.

Introduction

In today’s cloud-centric world, security is paramount, especially when building and deploying applications and infrastructure on platforms like Amazon Web Services (AWS). Organizations face an ever-evolving threat landscape, demanding skilled professionals who can proactively identify and mitigate security risks within their cloud environments. This two-week AWS Secure Builder Micro-Credential training course, based on the renowned SANS Institute’s curriculum, provides a comprehensive and hands-on approach to AWS security. Participants will learn to build secure applications and infrastructure from the ground up, utilizing AWS’s robust suite of security services and tools. The course emphasizes practical skills and real-world scenarios, empowering attendees to effectively address security challenges in their own AWS deployments. By focusing on secure coding practices, infrastructure-as-code security, and incident response, this training prepares individuals to build resilient, compliant, and secure solutions in the cloud. Participants will also gain a deep understanding of AWS security best practices and develop the skills necessary to achieve the AWS Certified Security – Specialty certification, demonstrating their expertise in securing AWS environments.

Course Outcomes

• Understand foundational AWS security concepts and best practices.
• Implement secure coding practices for applications deployed on AWS.
• Automate security using Infrastructure-as-Code (IaC) on AWS.
• Configure and manage AWS security services such as IAM, KMS, and CloudTrail.
• Identify and mitigate common security vulnerabilities in AWS environments.
• Respond effectively to security incidents in AWS.
• Prepare for the AWS Certified Security – Specialty certification exam.

Training Methodologies

• Expert-led lectures and interactive discussions.
• Hands-on labs and practical exercises using AWS Management Console and CLI.
• Real-world case studies and scenario-based learning.
• Group projects and collaborative problem-solving.
• Security code reviews and vulnerability assessments.
• Incident response simulations.
• Quizzes and assessments to reinforce learning.

Benefits to Participants

• Gain in-demand skills in AWS security, making you a valuable asset to any organization.
• Develop a deep understanding of AWS security best practices and how to implement them.
• Learn to build secure applications and infrastructure from the ground up.
• Master the use of AWS security services and tools.
• Improve your ability to identify and mitigate security vulnerabilities.
• Prepare for the AWS Certified Security – Specialty certification exam.
• Enhance your career prospects in the cloud security field.

Benefits to Sending Organization

• Reduce the risk of security breaches and data loss in your AWS environment.
• Improve compliance with industry regulations and standards.
• Increase the security posture of your applications and infrastructure.
• Enhance the skills of your security team and development teams.
• Automate security tasks and reduce manual effort.
• Gain a competitive advantage by demonstrating a commitment to security.
• Improve the efficiency and effectiveness of your incident response process.

Target Participants

• Security Engineers
• Cloud Architects
• DevOps Engineers
• Software Developers
• System Administrators
• Security Auditors
• IT Professionals responsible for AWS security

WEEK 1: AWS Security Fundamentals and Secure Development

Module 1: Introduction to AWS Security

1. Overview of AWS security pillars.
2. AWS Shared Responsibility Model.
3. Identity and Access Management (IAM) fundamentals.
4. IAM roles, policies, and best practices.
5. Multi-Factor Authentication (MFA) implementation.
6. Securing AWS accounts and root credentials.
7. AWS Organizations and Service Control Policies (SCPs).

Module 2: Network Security in AWS

1. Virtual Private Cloud (VPC) design and configuration.
2. Security Groups and Network Access Control Lists (NACLs).
3. AWS Direct Connect and VPN connectivity.
4. AWS Shield for DDoS protection.
5. Web Application Firewall (WAF) configuration.
6. Intrusion Detection and Prevention Systems (IDS/IPS) in AWS.
7. Network traffic monitoring and analysis.

Module 3: Data Protection and Encryption

1. AWS Key Management Service (KMS) overview.
2. Encryption at rest and in transit.
3. S3 bucket security and access control.
4. AWS CloudHSM for hardware security modules.
5. Data masking and tokenization techniques.
6. AWS Secrets Manager for managing secrets.
7. Compliance with data privacy regulations (e.g., GDPR, HIPAA).

Module 4: Secure Coding Practices

1. Common web application vulnerabilities (OWASP Top 10).
2. Secure coding principles for AWS Lambda functions.
3. Input validation and output encoding.
4. Authentication and authorization techniques.
5. Cross-Site Scripting (XSS) and SQL Injection prevention.
6. Secure API development with API Gateway.
7. Static code analysis and vulnerability scanning tools.

Module 5: Infrastructure-as-Code (IaC) Security

1. Introduction to AWS CloudFormation and Terraform.
2. Secure IaC development practices.
3. Automated security checks for IaC templates.
4. Managing secrets in IaC.
5. Version control and code review for IaC.
6. Compliance as Code.
7. Using AWS Config for infrastructure governance.

WEEK 2: Security Automation, Monitoring, and Incident Response

Module 6: Security Automation and Orchestration

1. AWS Systems Manager Automation.
2. Automated patching and configuration management.
3. Automated security remediation.
4. Event-driven security automation with AWS CloudWatch Events.
5. Continuous Compliance with AWS Security Hub.
6. Automated vulnerability scanning.
7. Integrating security into the CI/CD pipeline.

Module 7: Security Monitoring and Logging

1. AWS CloudTrail for auditing AWS API calls.
2. AWS CloudWatch Logs for application and system logging.
3. AWS GuardDuty for threat detection.
4. Amazon Inspector for vulnerability assessments.
5. Security Information and Event Management (SIEM) integration.
6. Log analysis and correlation techniques.
7. Creating custom dashboards for security monitoring.

Module 8: Incident Response in AWS

1. Incident response planning and preparation.
2. Identifying and classifying security incidents.
3. Containment, eradication, and recovery steps.
4. Incident communication and reporting.
5. Forensic analysis in AWS.
6. Post-incident review and lessons learned.
7. Using AWS services for incident response (e.g., Lambda, Step Functions).

Module 9: Compliance and Governance

1. AWS compliance programs (e.g., SOC, PCI DSS, HIPAA).
2. AWS Artifact for accessing compliance reports.
3. Compliance automation with AWS Config Rules.
4. Security best practices for specific industries.
5. Implementing a security governance framework.
6. Risk management and security assessments.
7. Staying up-to-date with AWS security updates and announcements.

Module 10: AWS Certified Security – Specialty Exam Preparation

1. Review of key exam topics.
2. Practice exam questions and answers.
3. Exam tips and strategies.
4. Identifying areas for improvement.
5. Study resources and materials.
6. Hands-on exercises to reinforce knowledge.
7. Final Q&A session.

Action Plan for Implementation

1. Conduct a security assessment of your current AWS environment.
2. Develop a security roadmap based on the assessment findings.
3. Implement security best practices and controls.
4. Automate security tasks using AWS services and tools.
5. Establish a security monitoring and alerting system.
6. Create an incident response plan.
7. Continuously review and improve your security posture.