Blog

AWS Cloud Security Training for Your Team

TryHackMe has released a new cutting-edge and highly practical AWS Cloud Security Training!

Ellie Gillard

4 min read
AWS Cloud Security Training for Your Team

TryHackMe has released a new cutting-edge and highly practical AWS Cloud Security Training! Designed to train and upskill your workforce with gamified and scenario-based training, our AWS Cloud Security training comprises a series of comprehensive modules that cover common security flaws across commonly used AWS services.

Continue reading to discover how our AWS training trains and upskills your team, find out what they’ll learn, and learn more about the modules in our latest training release.

The importance of AWS security

Amazon Web Services, also commonly referred to as AWS, is a cloud computing platform provided by Amazon featuring a mixture of infrastructure-as-a-service (IaaS), platform-as-a-service (PaaS) and packaged-software-as-a-service (SaaS) offerings.

Known as a leader in its ability to execute, Amazon Web Services is the most popular cloud service provider in the world offering hundreds of services. AWS offers reliable and inexpensive cloud computing services with increased flexibility and scalability.

With a large number of businesses adopting cloud technologies like AWS, businesses must understand the security implications of moving to the cloud. By understanding how attackers would operate in these environments, businesses will be able to proactively ensure environments are secure and that their applications and data are protected.

Train and upskill your team

Our AWS cloud practitioner training gives your team practical, hands-on experience with simulated attack scenarios, allowing your team to work across scenarios in various AWS services and apply this learning to the real world.

Each individual within your team will get full individual access to sandboxed accounts with console and API access in a totally safe environment managed by us. Using individual accounts where environments are generated on demand, your team can first experience what an attacker would be doing across an AWS environment and how to mitigate this, without the risk of exposing your own AWS instance.

The level of detail we explore in the AWS training course reflects the tools and real-world scenarios of Cloud Practitioners and is, therefore, suitable for any role that overlaps with Cloud technology, including:

  • Cloud Engineers
  • DevOps and DevSecOps
  • Security Engineers
  • Penetration Testers

What your team will learn

Your team will gain a strong understanding of how common AWS services work. With the growing importance of remaining secure, the AWS training comprises realistic scenarios to demonstrate how attackers would compromise these services to attain hands-on access. Some common scenarios will include:

  • Compromising EC2 instances and exfiltrating data using EC2 and VPC services
  • Reducing the privileges of an overly permissive IAM policy
  • Abusing Lambda Authorizers on API gateways
  • Enumerating IAM users and roles to escalate privileges

The Amazon Web Services training will also provide an actionable understanding of mitigations for the aforementioned attacks and how your team can stay prepared.

AWS training modules

Our AWS training consists of five modules that will cover common security weaknesses and mitigations to help your team secure these services.

Module 1: Introduction to Amazon Web Services

In the first module, we’ll introduce your team to Amazon Web Services, paying close attention to the unique characteristics associated with cloud technologies. Learn the core fundamentals required to use Amazon Web Services.

Module 2: Introduction to Identity and Access Management (IAM)

Following on from the Introduction to AWS, the second module sets the foundations for attacking and defending Amazon Web Services by understanding how permissions work on the platform.

Module 3: Attacking and Defending Core Services

Explore security misconfiguration on commonly used AWS services including EC2, S3, VPC, KMS and more.

Module 4: Attacking and Defending Serverless

Work with Serverless components within AWS, including AWS Lambda functions, Step functions and more to understand how they can be exploited in a realistic scenario.

Module 5: Identity and Access Management (IAM) Privilege Escalation

After understanding how the IAM service works, your team can put this knowledge to practice by covering key concepts required to enumerate, exploit and persist across IAM.

Get started with Amazon AWS Training!

As the most utilised platform of any cloud provider, Amazon Web Services (AWS) is the world's most comprehensive and broadly adopted cloud platform used by millions of customers worldwide. Our cloud security training course trains and upskills your team in everything AWS!

Are you an existing TryHackMe Business user? Our AWS online training is available to all current business clients. Just reach out to your dedicated customer success manager for more information on pricing!

New to TryHackMe? You’ll need a TryHackMe Business subscription to get started with our AWS training.

Our business subscription package enables you to customise training to reflect your business branding and needs. Launch a free trial of the management dashboard to discover why hundreds of businesses around the globe use TryHackMe to empower and upskill their employees and leverage our AWS training for your team.

Sign up for more like this.

Enter your email
Subscribe