Sans Sec 549 2021 — High Speed

SEC549: Enterprise Cloud Security Architecture course, which debuted around

10. Lasting Impact & Relevance Beyond 2021

Key Takeaways

Which of those would you like next?

• Automate security testing in CI/CD.
• Secure containers and Kubernetes.
• Write cloud-native detection rules.
• Respond to incidents using serverless functions.

IaC Scanning

| Category | Tools (as taught in 2021) | | :--- | :--- | | | Checkov, tfsec, cfn-nag | | Cloud Detection | Falco, AWS GuardDuty, Azure Security Center | | Policy as Code | Open Policy Agent (OPA), Sentinel (HashiCorp) | | Penetration Testing | Pacu (AWS exploitation framework), Scout Suite | | Forensics | AWS CloudTrail Insights, Azure KQL queries | sans sec 549 2021

Day 2: Infrastructure as Code (IaC) Security

• Secrets in build logs
• Overly privileged OIDC roles

• Fast-paced, with a mix of humor, action, and suspense
• Heartfelt moments of camaraderie and trust between Sanshiro and Akane