Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Cloud Security Engineering: The Profession of t...

Sena Yakut
September 21, 2024
28

Cloud Security Engineering: The Profession of the Future

Sena Yakut

September 21, 2024
Tweet

Transcript

  1. Sensitivity: Public ® aws sts get-caller-identity Sena Yakut, Cloud Security

    Architect @CyberWhiz All details, links about me:
  2. Sensitivity: Public Rise of the cloud security is undeniable. •

    Great time to enter this field • Companies are looking experts who can secure their cloud environments. • Cloud security → Young profession • Lots of work, less talent Melting Face Emoji - what it means and how to use it
  3. Sensitivity: Public So, what is cloud security engineering? • Means

    different for different companies (SOC, Site Reliability Engineer, AppSec Engineer etc.)
  4. Sensitivity: Public So, what is cloud security engineering? • Should

    be comfortable with different tech stacks: • From serverless to containers, • From zero to hero.
  5. Sensitivity: Public So, what is cloud security engineering? • Automation

    is everything for us. • Design, develop, maintain security tasks with automation. • Integrate them into the development lifecycle.
  6. Sensitivity: Public So, what is cloud security engineering? • Works

    close with different teams → AppSec, DevOps, Pentest, VM... • I said we have lots of work Melting Face Emoji - what it means and how to use it
  7. Sensitivity: Public What should we do? • Make time to

    learn every day. Believe me. Everyday. • Read eveything.
  8. Sensitivity: Public What should we do? • Avoid significant gaps

    in your knowledge. • Be paranoid. Be curious. Always ask “How can I secure this?”
  9. Sensitivity: Public What should we do? • Avoid relying on

    AI chatbots. Do research. Really. • Do experiment, build something, broke something in the cloud.
  10. Sensitivity: Public What should we do? • Analyze open source

    projects. • Learn CI/CD – DevSecOps: AWS Inspector for Code Quality, VM etc.
  11. Sensitivity: Public What should we do? • Understand & learn

    container security • Documentation → Write everything when you test. Melting Face Emoji - what it means and how to use it
  12. Sensitivity: Public What should we do? CS Coding Version Control

    Security Concepts OS Networking Scripting Software Design Principles OWASP Top 10 Auth Systems Cryptography