Pen testing is a standard technique for on-site systems, but the way testing is carried out in the cloud is different. This course explores the different types of vulnerabilities in the cloud, the techniques used to test cloud deployments, and key open-source tools for testing Amazon Web Service deployments: CloudGoat, the AWS CLI, and the AWS Python Software Development Kit, known as boto3. Instructor Malcolm Shore shows how to set up your test environment and then use Python to enumerate policies, programmatically create users, manage secrets, list EC2 and RDS instances, and more. He also shows how to get a quick summary of the resources in your AWS account with the PATE tool and use other Python-based testing tools such as PACU. The skills you learn in this course will help you test your AWS deployments for the weaknesses that others will exploit and design your own customs scripts for testing.
- Malcolm Shore Cybersecurity Consultant
Malcolm Shore is a cybersecurity expert who spent ten years as a director at New Zealand’s GCSB.
Dr. Shore was the principal security officer at the Australian National Broadband Network Company and the director of education and community relations for the Australian Information Security Association. He’s currently a technical director at BAE Systems Applied Intelligence, and an educator in the fields of forensics, information warfare, security management, and applied cryptography. He holds a PhD in information security.