Cloud Security | Cycerone

Intermediate

Intermediate experience required

Instructors

Carlo Ramponi
Researcher
Luigi Dell'Eva
Researcher

Language

English, Italiano

This course introduces the fundamental principles of cloud security through a combination of targeted theory and hands-on exercises. It is intended for learners with a basic understanding of cloud computing and cybersecurity who want to develop practical skills in identifying and exploiting common security weaknesses in cloud environments. The course focuses on how cloud infrastructures are configured and managed, with particular attention to identity and access management, resource exposure, and common misconfiguration patterns. Participants will work through practical scenarios that simulate real-world cloud deployments, where they must analyse configurations, identify security gaps, and exploit weaknesses in a controlled setting. Topics include insecure access controls, exposed storage resources, credential leakage, and privilege escalation techniques. After completing the course, participants will be able to assess cloud environments for common misconfigurations, understand how attackers move within cloud infrastructures, and evaluate the impact of compromised resources.

Learning Objectives

Analyse cloud configurations to identify common security misconfigurations
Enumerate cloud resources and assess their exposure and access controls
Identify and exploit credential leakage and insecure identity management practices
Perform privilege escalation by abusing misconfigured roles and permissions
Assess storage and compute resources for improper access restrictions
Apply systematic approaches to analysing and attacking cloud environments

Prerequisites

Basic understanding of cloud computing concepts, including IaaS and PaaS models. Familiarity with networking fundamentals, Linux command-line usage, basic scripting such as Python, and general cybersecurity principles is recommended.

Topics dealt with

Offensive SecuritySecure Development

Earn a certificate

A certificate of completion is available for this course. For more information, contact the course provider directly.

Build your expertise

This course is part of the following learning pathways: Secure Software & DevSecOps, Penetration Tester

Cybersecurity skills are not built in a single session. Following a structured learning pathway helps you develop a complete and consistent skill set: step by step, at your own pace.

Not sure where to start?

Learn how the Cycerone portal works, how courses and learning pathways are organized, and how to find the training opportunities that best match your needs.

Discover how it works