Cloud Security Engineering: The Profession of the Future

Sensitivity: Public Cloud Security Engineering The Profession of the Future
Sena Yakut, CyberKonf Istanbul

Sensitivity: Public ® aws sts get-caller-identity Sena Yakut, Cloud Security
Architect @CyberWhiz All details, links about me:

Sensitivity: Public Rise of the cloud computing is undeniable. Read
all report:

Sensitivity: Public Rise of the cloud security is undeniable. •
Great time to enter this field • Companies are looking experts who can secure their cloud environments. • Cloud security → Young profession • Lots of work, less talent Melting Face Emoji - what it means and how to use it

Sensitivity: Public So, what is cloud security engineering? • Means
different for different companies (SOC, Site Reliability Engineer, AppSec Engineer etc.)

Sensitivity: Public So, what is cloud security engineering? • Should
be comfortable with different tech stacks: • From serverless to containers, • From zero to hero.

Sensitivity: Public So, what is cloud security engineering? • Automation
is everything for us. • Design, develop, maintain security tasks with automation. • Integrate them into the development lifecycle.

Sensitivity: Public So, what is cloud security engineering? • Works
close with different teams → AppSec, DevOps, Pentest, VM... • I said we have lots of work Melting Face Emoji - what it means and how to use it

Sensitivity: Public What should we do? • Make time to
learn every day. Believe me. Everyday. • Read eveything.

Sensitivity: Public What should we do? • Avoid significant gaps
in your knowledge. • Be paranoid. Be curious. Always ask “How can I secure this?”

Sensitivity: Public What should we do? Sometimes, you need to
handle this by yourself.

Sensitivity: Public What should we do? • Avoid relying on
AI chatbots. Do research. Really. • Do experiment, build something, broke something in the cloud.

Sensitivity: Public What should we do? • Analyze open source
projects. • Learn CI/CD – DevSecOps: AWS Inspector for Code Quality, VM etc.

Sensitivity: Public What should we do? • Understand & learn
container security • Documentation → Write everything when you test. Melting Face Emoji - what it means and how to use it

Sensitivity: Public What should we do? • Learn IaC, start
with AWS. • Certifications???

Sensitivity: Public What should we do? CS Coding Version Control
Security Concepts OS Networking Scripting Software Design Principles OWASP Top 10 Auth Systems Cryptography

Sensitivity: Public Questions?

Cloud Security Engineering: The Profession of t...

Cloud Security Engineering: The Profession of the Future

Sena Yakut

More Decks by Sena Yakut

Featured

Transcript

Sensitivity: Public Cloud Security Engineering The Profession of the Future

Sensitivity: Public ® aws sts get-caller-identity Sena Yakut, Cloud Security

Sensitivity: Public Rise of the cloud computing is undeniable. Read

Sensitivity: Public Rise of the cloud security is undeniable. •

Sensitivity: Public So, what is cloud security engineering? • Means

Sensitivity: Public So, what is cloud security engineering? • Should

Sensitivity: Public So, what is cloud security engineering? • Automation

Sensitivity: Public So, what is cloud security engineering? • Works

Sensitivity: Public What should we do? • Make time to

Sensitivity: Public What should we do? • Avoid significant gaps

Sensitivity: Public What should we do? Sometimes, you need to

Sensitivity: Public What should we do? • Avoid relying on

Sensitivity: Public What should we do? • Analyze open source

Sensitivity: Public What should we do? • Understand & learn

Sensitivity: Public What should we do? • Learn IaC, start

Sensitivity: Public What should we do? CS Coding Version Control

Sensitivity: Public Questions?