Cloud Security Essentials Training Course

Description:

The CCSK Plus course spans two days and incorporates all material from the CCSK Foundation program, enhancing it with extensive practical labs during the second day. Participants will apply their acquired knowledge through a series of exercises centered around a scenario that demonstrates how a fictional organization can transition securely to the cloud. Upon completion, students will be thoroughly prepared for the Cloud Security Alliance-sponsored CCSK certification exam. While the second day includes supplementary lectures, the primary focus remains on assessing, constructing, and securing cloud infrastructure through practical exercises.

Objectives:

This two-day program starts with CCSK Basic training, followed by a second day dedicated to advanced content and hands-on activities.

Target Audience:

Designed primarily for security professionals, this course is also beneficial for any individual seeking to broaden their understanding of cloud security.

CCSP is a globally recognized credential established through the combined expertise of two industry-leading authorities on information systems and cloud computing security: (ISC)² and CSA. This certification is highly relevant in a global context, addressing the complex legal, regulatory, and compliance challenges associated with storing personally identifiable information (PII) across multiple jurisdictions.

For qualified candidates, the CCSP examination assesses competence across the six CCSP domains of the (ISC)² Common Body of Knowledge (CBK), covering:

• Architectural Concepts & Design Requirements
• Cloud Data Security
• Cloud Platform & Infrastructure Security
• Cloud Application Security
• Operations
• Legal & Compliance

The adoption of cloud technologies transforms how applications are designed, deployed, and managed. This shift redistributes responsibilities between service providers and customers, while introducing cloud-native platforms such as containers, serverless architectures, and managed services that necessitate adapted security controls. Consequently, security strategies must encompass infrastructure hardening, identity and access management, data protection, secure development practices, and mitigation of cloud-specific threat vectors.

This instructor-led live training, available online or onsite, is tailored for intermediate-level developers, security engineers, and IT managers seeking to acquire practical, hands-on skills to secure cloud applications and their underlying infrastructure. Participants will learn repeatable controls and assessment techniques aligned with current industry frameworks and cloud provider guidelines.

Upon completion of this training, participants will be able to:

• Articulate the cloud shared-responsibility model and apply it to application security decision-making.
• Harden cloud infrastructure (IaaS), secure platform services (PaaS), and evaluate SaaS configurations.
• Implement secure coding and OWASP-based mitigation patterns for cloud-hosted applications.
• Integrate security tools into CI/CD pipelines (SAST/DAST/IAST/RASP) and adopt shift-left security practices.

Course Format

• Interactive lectures and discussions complemented by live demonstrations.
• Hands-on labs utilizing cloud consoles, containers, serverless functions, and CI/CD pipelines.
• Practical exercises including secure configuration, vulnerability scanning, attack simulation, and remediation planning.

Course Customization Options

• To request customized training for this course, please contact us to arrange.

This course delivers practical expertise in OpenStack and private cloud security. It begins with a system introduction, followed by hands-on training on securing private clouds and hardening OpenStack installations. Throughout the session, participants explore each core OpenStack module, gaining experience in provisioning virtual identity, image, network, compute, and storage resources while addressing key security considerations. Each participant receives a dedicated training environment featuring a complete OpenStack deployment tailored to a specific cloud architecture (e.g., storage or networking configurations). The training can be highly customized to align with the client's specific requirements.

Customization options
The course can be condensed into a 2-day format focusing on the core aspects most relevant to the customer. Alternatively, it can be extended to cover administrative, design, networking, and troubleshooting topics related to OpenStack deployments.