My talk at BSides London "AWS vs Azure Security" is now online:

As I mention in the last slide, if you're interested in learning more about AWS, Azure and GCP security, I'll be delivering Cloud Security and DevSecops training at 44CON from 9 - 11 September.

My 44CON Cloud Security and DevSecOps training course this September includes AWS, Azure and GitHub accounts which the students use so they don’t need to create their own. As I described in Part 1, I also decided to build a training platform, so that students can connect to a virtual desktop in the cloud with all the software they need pre-installed.

That way they can come on to the course with any laptop or even tablet which supports the Amazon WorkSpaces client.

I built the supporting infrastructure in AWS using Terraform which you can read about in Part 2 of my blog, and then scripted user setup across all environments as described in Part 3. And as you might expect, I incorporated lots of security features, and wrote about them in Part 4.
 
In this last blog of the series, you’ll hear about a lost USB key, the bill, feedback to Amazon and their response. Click on the "Read More" link below to view.