Posted in Blog, Course Review

Course Review Securing the Cloud: Foundations w/Andrew Krug (Antisyphon Training)

TL;DR – Good course, solid labs. If brand new to AWS, plan on needing extra time to dedicate to the labs. Heavy on CloudFormation. Good way to bring a security engineer up to speed with the basics.

Having done some hands-on work attacking AWS (see my Hands-On AWS Penetration Testing with Kali Linux Notes), I wanted to get some hands-on experience with the defensive side. I’ve done enough to have a decent idea of how to secure things, but I wanted background on setting up a secure environment from scratch. The course info for Securing the Cloud: Foundations was a good fit for what I was looking for. The timing was a bit rough – I ended up listening live around meetings and then going through the class recordings. But I got a lot out of the class. The class starts with getting set up in AWS, so even with no experience you can get a lab environment up and running. He does recommend a clean AWS account so you don’t mess anything up. I used my secondary lab account that I keep for pretty much this – I’ve built and blown away so much stuff in there that I’m not concerned with messing stuff up. Total cost for the labs while I was working through things was less than $20.00 USD for the month. If you work through everything in a week, the spend could probably be kept under $10.00 USD. Leaving stuff up longer would incur greater cost. The little bit I left up to play with runs about $2.00 USD per month.

Class content was very good. Pacing was good, though maybe a bit hard to keep up if brand new to AWS. But with the recordings available and the materials provided, I think the speed was right. Fast enough that you were dragging, but slow enough that people aren’t getting lost. The class Discord also helps and made it easy to catch things when I was watching the recordings. Setting up the billing alerts are one part of this class that I think anyone working with AWS needs to learn. It’s easy to leave some running or misconfigure autoscaling and end up with a higher than expected spend. Billing alerts won’t completely solve the problem, but set conservatively enough can limit the pain a bit. I really liked the use of CloudFormation. That kept the focus on security rather than the mechanics of building resources. I’d done a bit with CloudFormation, so I was happy to get a deeper look. Coming in with more Terraform experience than CloudFormation, it was interesting to see the contrast. The class focus is very practical and builds logically.

One of the more interesting parts of this class session was a broken tool. Andrew worked through the troubleshooting live so we could see what needed to be done. And he put in the PR to fix it. He used the opportunity to demonstrate what to do when a tool isn’t working and talk about contributing to open source software. It was a great teachable moment, and I thought he really used it well. He also encouraged students to put in PRs on the class GitHub if they noticed errors or had suggestions. Really cool.

I would recommend this class to those new to or with a little AWS experience. A little meaning maybe you’ve set up some labs and played around a bit or work in an org where the security stuff was already set up and you want to understand what was done better. If this course ever becomes available on-demand, I could see it fitting nicely into an onboarding process. It would be A LOT for onboarding, but for non-AWS focused security engineers, I think it’s a good investment. And the cost is low enough to make it viable.

Author:

Lifelong paradox - cyber sec enthusiast - loves to learn

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.