Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Cloud Security Engineering: The Profession of t...
Search
Sena Yakut
September 21, 2024
0
28
Cloud Security Engineering: The Profession of the Future
Sena Yakut
September 21, 2024
Tweet
Share
More Decks by Sena Yakut
See All by Sena Yakut
Securing Large Language Models- Threats and Mitigations
senayakut
0
24
Gateway to Cloud Security Heaven: Our AWS Expedition
senayakut
0
280
DevSecOps Best Practices- Secure Everything You Have
senayakut
0
130
Securing The Sky Strategies For Protecting Against Cloud Hacking
senayakut
0
91
Cloud Security From Scratch
senayakut
0
80
Cloud Security 101: Ultimate weapon against cyber threats
senayakut
0
110
Journey to the Cloud: An Introduction and Security Overview
senayakut
0
41
Explore Ten Ways to Secure The Cloud
senayakut
0
55
PartyRock-Your Security Supporters
senayakut
0
46
Featured
See All Featured
Building a Scalable Design System with Sketch
lauravandoore
459
33k
The Art of Programming - Codeland 2020
erikaheidi
51
13k
Teambox: Starting and Learning
jrom
132
8.7k
個人開発の失敗を避けるイケてる考え方 / tips for indie hackers
panda_program
92
16k
Refactoring Trust on Your Teams (GOTO; Chicago 2020)
rmw
31
2.6k
Responsive Adventures: Dirty Tricks From The Dark Corners of Front-End
smashingmag
250
21k
Java REST API Framework Comparison - PWX 2021
mraible
PRO
28
7.9k
The Invisible Side of Design
smashingmag
297
50k
Rails Girls Zürich Keynote
gr2m
93
13k
The Cost Of JavaScript in 2023
addyosmani
45
6.5k
Evolution of real-time – Irina Nazarova, EuRuKo, 2024
irinanazarova
4
280
Scaling GitHub
holman
458
140k
Transcript
Sensitivity: Public Cloud Security Engineering The Profession of the Future
Sena Yakut, CyberKonf Istanbul
Sensitivity: Public ® aws sts get-caller-identity Sena Yakut, Cloud Security
Architect @CyberWhiz All details, links about me:
Sensitivity: Public Rise of the cloud computing is undeniable. Read
all report:
Sensitivity: Public Rise of the cloud security is undeniable. •
Great time to enter this field • Companies are looking experts who can secure their cloud environments. • Cloud security → Young profession • Lots of work, less talent Melting Face Emoji - what it means and how to use it
Sensitivity: Public So, what is cloud security engineering? • Means
different for different companies (SOC, Site Reliability Engineer, AppSec Engineer etc.)
Sensitivity: Public So, what is cloud security engineering? • Should
be comfortable with different tech stacks: • From serverless to containers, • From zero to hero.
Sensitivity: Public So, what is cloud security engineering? • Automation
is everything for us. • Design, develop, maintain security tasks with automation. • Integrate them into the development lifecycle.
Sensitivity: Public So, what is cloud security engineering? • Works
close with different teams → AppSec, DevOps, Pentest, VM... • I said we have lots of work Melting Face Emoji - what it means and how to use it
Sensitivity: Public What should we do? • Make time to
learn every day. Believe me. Everyday. • Read eveything.
Sensitivity: Public What should we do? • Avoid significant gaps
in your knowledge. • Be paranoid. Be curious. Always ask “How can I secure this?”
Sensitivity: Public What should we do? Sometimes, you need to
handle this by yourself.
Sensitivity: Public What should we do? • Avoid relying on
AI chatbots. Do research. Really. • Do experiment, build something, broke something in the cloud.
Sensitivity: Public What should we do? • Analyze open source
projects. • Learn CI/CD – DevSecOps: AWS Inspector for Code Quality, VM etc.
Sensitivity: Public What should we do? • Understand & learn
container security • Documentation → Write everything when you test. Melting Face Emoji - what it means and how to use it
Sensitivity: Public What should we do? • Learn IaC, start
with AWS. • Certifications???
Sensitivity: Public What should we do? CS Coding Version Control
Security Concepts OS Networking Scripting Software Design Principles OWASP Top 10 Auth Systems Cryptography
Sensitivity: Public Questions?