Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Cloud Security Engineering: The Profession of t...
Search
Sena Yakut
September 21, 2024
0
50
Cloud Security Engineering: The Profession of the Future
Sena Yakut
September 21, 2024
Tweet
Share
More Decks by Sena Yakut
See All by Sena Yakut
Dangerous by Design Cloud Security Flaws We Keep Repeating
senayakut
0
160
re:Inforce 2025 - Serverless Threat Response for Amazon S3 Malware Detection
senayakut
0
31
Falling in Love with the Cloud – Securely
senayakut
0
53
Amazon GuardDuty Energy - I See It. I Flag It. I Block It
senayakut
0
52
Exploring Innovations in Cloud Technologies
senayakut
0
15
Securing the Future- A Deep Dive into the re-Invent:2024 Security Announcements
senayakut
0
14
What I’ve Learned-My Top AWS WAF Tips for Stronger Protection
senayakut
0
18
Hacking the Cloud - AWS Pentesting in Action
senayakut
0
110
Next-Level Defense: What re: Invent 2024 Means for Your Security
senayakut
0
67
Featured
See All Featured
Navigating Team Friction
lara
187
15k
How to train your dragon (web standard)
notwaldorf
93
6.1k
Building a Modern Day E-commerce SEO Strategy
aleyda
42
7.3k
Making Projects Easy
brettharned
116
6.3k
Optimizing for Happiness
mojombo
379
70k
Code Reviewing Like a Champion
maltzj
524
40k
Gamification - CAS2011
davidbonilla
81
5.3k
[Rails World 2023 - Day 1 Closing Keynote] - The Magic of Rails
eileencodes
35
2.3k
YesSQL, Process and Tooling at Scale
rocio
173
14k
Rails Girls Zürich Keynote
gr2m
94
14k
The Pragmatic Product Professional
lauravandoore
35
6.7k
Side Projects
sachag
455
42k
Transcript
Sensitivity: Public Cloud Security Engineering The Profession of the Future
Sena Yakut, CyberKonf Istanbul
Sensitivity: Public ® aws sts get-caller-identity Sena Yakut, Cloud Security
Architect @CyberWhiz All details, links about me:
Sensitivity: Public Rise of the cloud computing is undeniable. Read
all report:
Sensitivity: Public Rise of the cloud security is undeniable. •
Great time to enter this field • Companies are looking experts who can secure their cloud environments. • Cloud security → Young profession • Lots of work, less talent Melting Face Emoji - what it means and how to use it
Sensitivity: Public So, what is cloud security engineering? • Means
different for different companies (SOC, Site Reliability Engineer, AppSec Engineer etc.)
Sensitivity: Public So, what is cloud security engineering? • Should
be comfortable with different tech stacks: • From serverless to containers, • From zero to hero.
Sensitivity: Public So, what is cloud security engineering? • Automation
is everything for us. • Design, develop, maintain security tasks with automation. • Integrate them into the development lifecycle.
Sensitivity: Public So, what is cloud security engineering? • Works
close with different teams → AppSec, DevOps, Pentest, VM... • I said we have lots of work Melting Face Emoji - what it means and how to use it
Sensitivity: Public What should we do? • Make time to
learn every day. Believe me. Everyday. • Read eveything.
Sensitivity: Public What should we do? • Avoid significant gaps
in your knowledge. • Be paranoid. Be curious. Always ask “How can I secure this?”
Sensitivity: Public What should we do? Sometimes, you need to
handle this by yourself.
Sensitivity: Public What should we do? • Avoid relying on
AI chatbots. Do research. Really. • Do experiment, build something, broke something in the cloud.
Sensitivity: Public What should we do? • Analyze open source
projects. • Learn CI/CD – DevSecOps: AWS Inspector for Code Quality, VM etc.
Sensitivity: Public What should we do? • Understand & learn
container security • Documentation → Write everything when you test. Melting Face Emoji - what it means and how to use it
Sensitivity: Public What should we do? • Learn IaC, start
with AWS. • Certifications???
Sensitivity: Public What should we do? CS Coding Version Control
Security Concepts OS Networking Scripting Software Design Principles OWASP Top 10 Auth Systems Cryptography
Sensitivity: Public Questions?