https://teachingcyber.gumroad.com/ The Building your penetration testing lab in the cloud course takes you from little or no knowledge and shows you how to build your own red team testing environment in the cloud with practical demonstrations.  You will learn the principles of building environments in a practical way using minimal lectures and focusing on step by step demonstrations.  There are very few courses like this that get straight into the practicalities of cloud security.  With this capability, you will be able to provide professional and consistent service to your company or clients.  You will learn to build manually and also using infrastructure as code. This is a fast-growing area, specialist cloud skills in security are in high demand and using the skills here will enable your career, giving you experience in Azure.  If you are a beginner, this course is for you as it will give you the foundations in a practical way, not theoretical.  If you are an experienced security practitioner you may have focused on the other cloud providers and you are now becoming aware of conducting assessments using other cloud environments, this course is absolutely essential for you.  Some of the key areas you will learn are: Cloud security principles Building pentest environments in Azure Secure Networking, protecting the traffic from threats Automated deployment of resources Infrastructure as code using Terraform This course will give you the grounding you need to help you learn, retain and replicate the skills necessary to build red team capabilities from the cloud.  The lectures are to the point and concise because your time, like many practitioners, is precious.  All demos can be followed using your own cloud accounts and replayed time and again as your one-stop security reference.  Website - Course Info: https://teachingcyber.gumroad.com/

1. TC
Teaching Cyber
Cybersecurity for All
Website – Course Info: https://teachingcyber.gumroad.com/

2. TC
B U I L D I N G A P E N E T R A T I O N T E S T I N G L A B I N T H E C L O U D

3. Sections:
1. Introduction
2. Design and Build the Lab
Introduction

4. Detail:
• Perform pen test activities from
the cloud
• Focus on Azure
• Course for all Levels
• Complete a design
• Build your own lab
• Pen testing tools not covered
• Step by step build process
Areas Covered

5. Some reasons include:
• Consolidate resources
• No hardware to manage
• Fulfils multi internal and
external use cases
• Centralized resources
• Build what you want, when you
need it
• Easier cost management
• Scalable
Reasons to build

6. Remember to:
• Get permission from your
employer
• Check the cloud service
provider terms of use
• Be mindful of the risks when
performing pen test activities
Caveats

7. TC
B U I L D I N G A P E N E T R A T I O N T E S T I N G L A B I N T H E C L O U D
D E S I G N A N D B U I L D T H E L A B

8. DEMO

9. DEMO

10. Summary:
• Infrastructure as code
• Build, update and destroy
infrastructure in the cloud
• Open source
• Supports multiple cloud service
providers
Terraform

11. DEMO

12. Some useful info:
• Microsoft Azure, creating a
cloud account
• Terraform Tutorial
• Course demo code
References

13. • Cloud Resource Management
• Cloud Benefits
• Cloud Risks
• How to create a design
• How to build manually
• Infrastructure as code
SUMMARY

14. • Cloud Provider Training
• Terraform Training
• GitHub Training
• Course Demo Code
SUMMARY

15. Areas for you to explore:
• Monitoring Cloud Resources
• Managing Cloud Inventories
• Ingress/Egress Management
• Ownership
• Attack Surface Reduction
• Vulnerability Management
• Patch Management
SUMMARY

16. • Thank you!
• Please take time to give
feedback and rate
• Ask questions
h t t p s : / / w w w. l i n k e d i n . c o m / i n / t i m c o a k l e y
SUMMARY