Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Cloud Security Engineering: The Profession of t...

Avatar for Sena Yakut Sena Yakut
September 21, 2024
78
0

Cloud Security Engineering: The Profession of the Future

Avatar for Sena Yakut

Sena Yakut

September 21, 2024

More Decks by Sena Yakut

See All by Sena Yakut
AWS Cloud Security Fundamentals
Avatar for Sena Yakut senayakut
0
84
When Cloud Security Meets AI: A Playbook for the Future Leaders
Avatar for Sena Yakut senayakut
0
56
Oops, I Broke It Again - Practicing Safe Chaos in the Cloud
Avatar for Sena Yakut senayakut
0
57
Your AWS Account Got Hacked. What Happens Now?
Avatar for Sena Yakut senayakut
0
62
From Prompt to Prediction: Understanding LLM Outputs
Avatar for Sena Yakut senayakut
0
41
Thank U, Next... Prompt - Securing Generative AI Like a Queen
Avatar for Sena Yakut senayakut
0
69
Dangerous by Design Cloud Security Flaws We Keep Repeating
Avatar for Sena Yakut senayakut
0
380
re:Inforce 2025 - Serverless Threat Response for Amazon S3 Malware Detection
Avatar for Sena Yakut senayakut
0
76
Falling in Love with the Cloud – Securely
Avatar for Sena Yakut senayakut
0
90

Featured

See All Featured
Unlocking the hidden potential of vector embeddings in international SEO
Avatar for Frank van Dijk frankvandijk
0
770
Building a Scalable Design System with Sketch
Avatar for Laura Van Doore lauravandoore
463
34k
[RailsConf 2023 Opening Keynote] The Magic of Rails
Avatar for Eileen M. Uchitelle eileencodes
31
10k
Put a Button on it: Removing Barriers to Going Fast.
Avatar for kastner kastner
60
4.2k
Documentation Writing (for coders)
Avatar for Carmen Chung carmenintech
77
5.3k
Practical Tips for Bootstrapping Information Extraction Pipelines
Avatar for Matthew Honnibal honnibal
25
1.9k
Agile that works and the tools we love
Avatar for Rasmus Luckow-Nielsen rasmusluckow
331
21k
Joys of Absence: A Defence of Solitary Play
Avatar for Sebastian Deterding codingconduct
1
350
The #1 spot is gone: here's how to win anyway
Avatar for Tamara Novitovic tamaranovitovic
2
1k
Public Speaking Without Barfing On Your Shoes - THAT 2023
Avatar for David Neal reverentgeek
1
380
Refactoring Trust on Your Teams (GOTO; Chicago 2020)
Avatar for Rebecca Miller-Webster rmw
35
3.4k
Easily Structure & Communicate Ideas using Wireframe
Avatar for Afnizar Nur Ghifari afnizarnur
194
17k

Transcript

  1. Sensitivity: Public Cloud Security Engineering The Profession of the Future

    Sena Yakut, CyberKonf Istanbul

  2. Sensitivity: Public ® aws sts get-caller-identity Sena Yakut, Cloud Security

    Architect @CyberWhiz All details, links about me:

  3. Sensitivity: Public Rise of the cloud computing is undeniable. Read

    all report:

  4. Sensitivity: Public Rise of the cloud security is undeniable. •

    Great time to enter this field • Companies are looking experts who can secure their cloud environments. • Cloud security → Young profession • Lots of work, less talent Melting Face Emoji - what it means and how to use it

  5. Sensitivity: Public So, what is cloud security engineering? • Means

    different for different companies (SOC, Site Reliability Engineer, AppSec Engineer etc.)

  6. Sensitivity: Public So, what is cloud security engineering? • Should

    be comfortable with different tech stacks: • From serverless to containers, • From zero to hero.

  7. Sensitivity: Public So, what is cloud security engineering? • Automation

    is everything for us. • Design, develop, maintain security tasks with automation. • Integrate them into the development lifecycle.

  8. Sensitivity: Public So, what is cloud security engineering? • Works

    close with different teams → AppSec, DevOps, Pentest, VM... • I said we have lots of work Melting Face Emoji - what it means and how to use it

  9. Sensitivity: Public What should we do? • Make time to

    learn every day. Believe me. Everyday. • Read eveything.

  10. Sensitivity: Public What should we do? • Avoid significant gaps

    in your knowledge. • Be paranoid. Be curious. Always ask “How can I secure this?”

  11. Sensitivity: Public What should we do? Sometimes, you need to

    handle this by yourself.

  12. Sensitivity: Public What should we do? • Avoid relying on

    AI chatbots. Do research. Really. • Do experiment, build something, broke something in the cloud.

  13. Sensitivity: Public What should we do? • Analyze open source

    projects. • Learn CI/CD – DevSecOps: AWS Inspector for Code Quality, VM etc.

  14. Sensitivity: Public What should we do? • Understand & learn

    container security • Documentation → Write everything when you test. Melting Face Emoji - what it means and how to use it

  15. Sensitivity: Public What should we do? • Learn IaC, start

    with AWS. • Certifications???

  16. Sensitivity: Public What should we do? CS Coding Version Control

    Security Concepts OS Networking Scripting Software Design Principles OWASP Top 10 Auth Systems Cryptography

  17. Sensitivity: Public Questions?