Security Engineering on AWS

Introduction:

Cybersecurity threats are escalating, and organizations need professionals who can efficiently use AWS security services to stay secure in the AWS Cloud. Security Engineering on AWS focuses on the security practices that AWS recommends for enhancing the security of your data and systems in the cloud. This course highlights the security features of AWS key services including compute, storage, networking, and database services. You’ll also learn how to leverage AWS services and tools for automation, continuous monitoring and logging, and responding to security incidents.

Through hands-on labs and real-world scenarios, you’ll gain practical experience in implementing security solutions, understanding specialized data classifications and AWS data protection mechanisms, and applying security best practices. This training is designed to help you stay secure in the AWS Cloud and prepare for the AWS Certified Security – Specialty certification.

Objectives:

Security Engineering on AWS prepares you to design, implement, and manage secure infrastructure on the AWS cloud platform. You’ll learn to protect applications and data from common security threats, perform and automate security checks, and configure authentication and permissions for applications and resources.
By the end of this course, you’ll be able to monitor AWS resources and respond to incidents, capture and process logs, and create automated and repeatable deployments with tools such as AMIs and AWS CloudFormation. This course focuses on the security practices that AWS recommends for enhancing the security of your systems in the cloud.

Course Outline:

Module 1: Introduction to Security in the AWS Cloud

Understand the AWS Shared Responsibility Model
Explore core cloud security principles
Review incident response strategies in AWS
Align DevOps processes with security engineering

Module 2: Managing Identity and Access Control

Define and apply IAM policies, roles, and permissions boundaries
Use IAM Access Analyzer for insight into access risks
Implement multi-factor authentication (MFA)
Monitor access activity with AWS CloudTrail

Module 3: Securing Web Application Environments

Analyze threats to 3-tier application architectures
Address common risks around user and data access
Leverage AWS Trusted Advisor for continuous improvement

Module 4: Application Security at Scale

Harden Amazon Machine Images (AMIs)
Perform automated security assessments with Amazon Inspector
Apply secure configuration management with AWS Systems Manager

Module 5: Data Protection and Encryption Best Practices

Encrypt data in S3, RDS, DynamoDB, and Glacier
Apply key management strategies using AWS KMS
Use S3 Access Analyzer and Access Points for precise control

Module 6: Network Security and Traffic Protection

Implement best practices for securing Amazon VPCs
Use VPC Traffic Mirroring for deep packet inspection
Respond to compromised instances
Secure endpoints with AWS Certificate Manager and ELB

Module 7: Centralized Monitoring and Logging

Configure CloudWatch, AWS Config, and Amazon Macie
Enable VPC Flow Logs, ELB Logs, and S3 Server Access Logs

Module 8: Log Processing and Analysis

Aggregate log data with Amazon Kinesis
Analyze security events using Amazon Athena

Module 9: Securing Hybrid Cloud Architectures

Connect environments with VPNs and Direct Connect
Secure cross-region traffic with AWS Transit Gateway

Module 10: Building Global Resilience and DDoS Protection

Use Route 53 and CloudFront for edge-level protection
Defend against attacks with AWS WAF, Shield, and Firewall Manager

Module 11: Serverless Security Practices

Control access in serverless environments with Amazon Cognito
Secure APIs with API Gateway
Implement least-privilege execution in AWS Lambda

Module 12: Threat Detection and Investigation

Identify suspicious activity with Amazon GuardDuty
Consolidate findings in AWS Security Hub
Perform forensic analysis with Amazon Detective

Module 13: Secrets and Key Management

Manage encryption keys using AWS KMS and CloudHSM
Store and rotate secrets with AWS Secrets Manager

Module 14: Automating Security by Design

Create secure, repeatable deployments with AWS CloudFormation
Standardize infrastructure with AWS Service Catalog

Module 15: Governance and Account Management at Scale

Manage multi-account environments with AWS Organizations
Enforce controls using AWS Control Tower and AWS SSO
Integrate centralized identity with AWS Directory Services

Enroll in this course

$2,025.00

Select a start date for your 3 Days course

EventDates

2023-12-19 09:30:00_2023-12-21 17:30:00
2023-12-19 10:30:00_2023-12-21 18:30:00
2024-02-13 09:30:00_2024-02-15 17:30:00
2024-02-13 10:30:00_2024-02-15 18:30:00
2024-03-20 09:00:00_2024-03-22 17:00:00
2024-06-12 09:00:00_2024-06-14 17:00:00
2025-07-28 09:00:00_2025-07-30 17:00:00
2025-10-29 09:00:00_2025-10-31 17:00:00

Clear

Questions About This Course?

Need Help Finding The Right Training Solution?

Our training advisors are here for you.