Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Cloud Security Engineering: The Profession of t...
Search
Sena Yakut
September 21, 2024
0
52
Cloud Security Engineering: The Profession of the Future
Sena Yakut
September 21, 2024
Tweet
Share
More Decks by Sena Yakut
See All by Sena Yakut
Dangerous by Design Cloud Security Flaws We Keep Repeating
senayakut
0
260
re:Inforce 2025 - Serverless Threat Response for Amazon S3 Malware Detection
senayakut
0
45
Falling in Love with the Cloud – Securely
senayakut
0
55
Amazon GuardDuty Energy - I See It. I Flag It. I Block It
senayakut
0
58
Exploring Innovations in Cloud Technologies
senayakut
0
18
Securing the Future- A Deep Dive into the re-Invent:2024 Security Announcements
senayakut
0
16
What I’ve Learned-My Top AWS WAF Tips for Stronger Protection
senayakut
0
21
Hacking the Cloud - AWS Pentesting in Action
senayakut
0
120
Next-Level Defense: What re: Invent 2024 Means for Your Security
senayakut
0
67
Featured
See All Featured
A Tale of Four Properties
chriscoyier
160
23k
Large-scale JavaScript Application Architecture
addyosmani
512
110k
Why You Should Never Use an ORM
jnunemaker
PRO
58
9.5k
Done Done
chrislema
184
16k
Practical Orchestrator
shlominoach
189
11k
GitHub's CSS Performance
jonrohan
1031
460k
I Don’t Have Time: Getting Over the Fear to Launch Your Podcast
jcasabona
33
2.4k
Raft: Consensus for Rubyists
vanstee
140
7k
Put a Button on it: Removing Barriers to Going Fast.
kastner
60
3.9k
Building Flexible Design Systems
yeseniaperezcruz
328
39k
The Cult of Friendly URLs
andyhume
79
6.5k
Visualization
eitanlees
146
16k
Transcript
Sensitivity: Public Cloud Security Engineering The Profession of the Future
Sena Yakut, CyberKonf Istanbul
Sensitivity: Public ® aws sts get-caller-identity Sena Yakut, Cloud Security
Architect @CyberWhiz All details, links about me:
Sensitivity: Public Rise of the cloud computing is undeniable. Read
all report:
Sensitivity: Public Rise of the cloud security is undeniable. •
Great time to enter this field • Companies are looking experts who can secure their cloud environments. • Cloud security → Young profession • Lots of work, less talent Melting Face Emoji - what it means and how to use it
Sensitivity: Public So, what is cloud security engineering? • Means
different for different companies (SOC, Site Reliability Engineer, AppSec Engineer etc.)
Sensitivity: Public So, what is cloud security engineering? • Should
be comfortable with different tech stacks: • From serverless to containers, • From zero to hero.
Sensitivity: Public So, what is cloud security engineering? • Automation
is everything for us. • Design, develop, maintain security tasks with automation. • Integrate them into the development lifecycle.
Sensitivity: Public So, what is cloud security engineering? • Works
close with different teams → AppSec, DevOps, Pentest, VM... • I said we have lots of work Melting Face Emoji - what it means and how to use it
Sensitivity: Public What should we do? • Make time to
learn every day. Believe me. Everyday. • Read eveything.
Sensitivity: Public What should we do? • Avoid significant gaps
in your knowledge. • Be paranoid. Be curious. Always ask “How can I secure this?”
Sensitivity: Public What should we do? Sometimes, you need to
handle this by yourself.
Sensitivity: Public What should we do? • Avoid relying on
AI chatbots. Do research. Really. • Do experiment, build something, broke something in the cloud.
Sensitivity: Public What should we do? • Analyze open source
projects. • Learn CI/CD – DevSecOps: AWS Inspector for Code Quality, VM etc.
Sensitivity: Public What should we do? • Understand & learn
container security • Documentation → Write everything when you test. Melting Face Emoji - what it means and how to use it
Sensitivity: Public What should we do? • Learn IaC, start
with AWS. • Certifications???
Sensitivity: Public What should we do? CS Coding Version Control
Security Concepts OS Networking Scripting Software Design Principles OWASP Top 10 Auth Systems Cryptography
Sensitivity: Public Questions?