Enterprises
Individuals
Enterprises
Individuals
Menu
Menu
Sign in
Product
Solutions
Pricing
Resources
Learn
Hands-on Labs
Courses
Learning Journeys
Challenges
Cloud Sandboxes
Playgrounds
Measure
Assessments
Tournaments
Certifications
Reports
Integrate
SCORM & LTI
SSO & SCIM
Our Learning Platform
Get Started Today
Book a demo
Get free trial
Contact us
Industries
Manufacturing
Government
Finance
Technology
Healthcare
Defense
Retail
Teams
C-suite
Security Teams
Engineering Teams
For L&D
We’ll help you
Achieve ROI
Achieve Compliance
Reduce Risk
Measurable Increase in Skills
Instructor Led Training
Success Stories
View all
View Enterprise Plans
Resources
E-books
Case studies
Webinars
Blog
Support
AppSecEngineer 101 Guide
Help Center
Discord
Teams
For C-suite
For Engineering Teams
For Product Teams
For L&D
What’s New
View all
How to Protect Your Organization from AI Threats Using Role-Based Security Training
Are Your Management Practices Pushing Your Security Team to the Brink?
X
X
X
Instructor Led Training

Attacking & Defending AWS, Azure and GCP Cloud Apps

Imagine a world where your organization seamlessly deploys applications across AWS, Azure, and GCP, only to find that each environment introduces unique vulnerabilities and attack vectors. 

This hands-on course is designed to equip you with the skills needed to navigate the complexities of multi-cloud security. Your team will deploy vulnerable stacks, execute sophisticated attacks, detect incursions, and implement robust defenses, all while mastering the intricacies of AWS, Azure, and GCP. 

Are you ready to take on the challenge and secure your multi-cloud applications like never before?

Talk to us

Course Overview

8 Hours
32 Lessons
14 Cloud Labs
Ideal for: Security Engineer  /  Product Security Teams

Today multi-cloud environments have become the norm rather than the exception. A 2021 study by VMware revealed that 73% of companies have adopted multi-cloud deployments, utilizing at least two cloud providers, and 26% have adopted three. By some estimates, nearly 90% of organizations are now multi-cloud, leading to a diverse array of application deployments and security challenges.

This training has been designed with our highly renowned approach of ADD (Attack-Detect-Defend). This is where we use stories and get students to work through intricately designed technical scenarios. As part of each story, the student deploys the app on the relevant cloud environment using Infrastructure-as-Code tools like Terraform, CDK, Bicep, and others. The application(s), along with the stack (the cloud resources and configuration) is vulnerable in many small and serious ways.

Complete Course Outline

Know your trainer

Abhay Bhargav

CHief RESEARCH OFFICER, AppSecEngineer
Abhay started his career as a breaker of apps, in pentesting and red-teaming, but today is more involved in scaling AppSec with Cloud-Native Security and DevSecOpsHe has created some pioneering works in the area of DevSecOps and AppSec Automation, including the world’s first hands-on training program on DevSecOps, focused on Application Security Automation. In addition to this, Abhay is active in his research of new technologies and their impact on Application Security, specifically Cloud-Native Security. In addition, Abhay has contributed to pioneering work in the Vulnerability Management space, being the architect of a leading Vulnerability Management and Correlation Product, Orchestron. Abhay is also committed to Open-Source and has developed the first-ever Threat Modeling solution at the crossroads of Agile and DevSecOps, called ThreatPlaybook.Abhay is a speaker and trainer at major industry events including DEF CON, BlackHat, OWASP AppSecUSA, EU and AppSecCali. His training programs have been sold-out events at conferences like AppSecUSA, EU, AppSecDay Melbourne, CodeBlue (Japan), BlackHat USA, SHACK and so on. He's authored two international publications on Java Security and PCI Compliance as well.

Big Wins For Your Enterprise

Hands-on training in every aspect of cloud security: attacking cloud apps, identifying vulnerabilities, and defending against exploits.

Perfect for multicloud workflows. Covers key security concepts & techniques for all 3 major cloud providers: AWS, Azure & GCP.

Includes almost all major cloud services: access control, encryption, network security, logging & monitoring, and much more.

Deep-dive into containers, managed Kubernetes, Functions-as-a-Service (FaaS) using real-world simulations.

What Your Team Will Learn

VPC, Network Security for all 3 clouds

Logging, monitoring & alerting

Access control & encryption

Container orchestration 

Learn best with 1000+ labs modeled after real-world security scenarios

Crafted on Real-world training for product security teams

Hands-on Experience: Engage with real-world scenarios in a controlled, cloud-based lab environment to apply learning directly.

Immediate Application: Implement Threat Modeling tools and techniques instantly, enhancing retention and understanding.

Access to Specialized Tooling: Utilize advanced Threat Modeling software and LLMs without needing to set up or maintain the infrastructure.

Safe Learning Space: Experiment and learn from mistakes in a risk-free sandbox, encouraging exploration and innovation.

Explore Hands on Labs

Prerequisites

Knowledge base

Basic understanding of application security principles.
Familiarity with software development and the software development lifecycle (SDLC).
Some experience in security practices and methodologies is beneficial

Device requirements

For the optimal learning experience in this course, participants should use a laptop with Windows 10/11, the latest macOS, or a modern Linux distribution, equipped with an Intel i5 processor or equivalent (i7 recommended), at least 8GB of RAM (16GB preferred), and 20GB of free disk space. A stable, high-speed internet connection is essential for accessing streaming content and cloud-based labs, alongside the latest versions of Google Chrome, Mozilla Firefox, or Safari with JavaScript enabled. Participants must have administrative rights to install necessary software and a modern code editor like Visual Studio Code.

Minimum number of applicants

10

Talk to us

Testimonials

I found these courses to be pretty comprehensive and practically oriented. From dissecting common threat vectors to writing abuser stories, it had a lot of useful takeaways by the end.

DevOps Engineer at Streaming Services Provider

WORLD'S LARGEST SPORTS EQUIPMENT MANUFACTURER
Threat modeling has always been a bit elusive for my team, but these courses made it all click. The step-by-step breakdown of threat modeling concepts and integrating them into a DevSecOps pipeline gave us some solid, actionable learnings.

Developer at SaaS Company

DEFENSE INDUSTRY
“Threat modeling is seriously underrated compared to other security activities that have more visible impact. Fact of the matter is, if you can anticipate and build around potential threats to your software, that’s going to make a much bigger difference than if you set up a million defenses after the fact. These courses taught me how to do that!”

Head of Product at International Logistics Corporation

CYBERSECURITY OPERATIONS CENTER (CSOC)

Ready to Elevate Your Security Training?

Empower your teams with the skills they need to secure your applications and stay ahead of the curve.
Get Started Now
X
X
Webinar on Nov 15, 9 AM PT: Learn how to make role-based security training work for your organization. Apply to attend!