Cloud Security Training in Nantes

Description:

This two-day CCSK Plus course encompasses all material from the CCSK Foundation course, extending the curriculum with comprehensive, hands-on labs during the second day of instruction. Participants will demonstrate their mastery by executing a series of exercises centered around a scenario that securely transitions a fictional organization to the cloud. Upon completion of this training, students will be thoroughly prepared for the CCSK certification exam, which is sponsored by the Cloud Security Alliance. While the second day includes additional lectures, the majority of time is dedicated to assessing, constructing, and securing a cloud infrastructure through practical exercises.

Objectives:

This two-day program begins with CCSK Basic training, followed by a second day featuring advanced content and hands-on activities.

Target Audience:

This course is primarily designed for security professionals, yet it is also highly beneficial for anyone seeking to broaden their understanding of cloud security.

Adopting cloud technologies transforms how applications are developed, deployed, and managed, shifting responsibilities between service providers and clients while introducing cloud-native platforms like containers, serverless computing, and managed services that demand tailored security controls. Consequently, security strategies must encompass infrastructure hardening, identity and access management, data protection, secure development methodologies, and cloud-specific threat mitigation.

This instructor-led, live training (available online or onsite) is designed for intermediate-level developers, security engineers, and IT managers seeking practical, hands-on skills to secure cloud applications and their underlying infrastructure. Participants will learn repeatable controls and assessment techniques aligned with current industry frameworks and cloud provider guidelines.

By the conclusion of this training, participants will be able to:

• Explain the cloud shared-responsibility model and apply it to application security decisions.
• Harden cloud infrastructure (IaaS), secure platform services (PaaS), and evaluate SaaS configurations.
• Apply secure coding and OWASP-based mitigation patterns to cloud-hosted applications.
• Integrate security tooling into CI/CD pipelines (SAST/DAST/IAST/RASP) and adopt shift-left practices.

Format of the Course also allows for the evaluation of participants.

• Interactive lecture and discussion tied to live demos.
• Hands-on labs using cloud consoles, containers, serverless functions, and CI/CD pipelines.
• Practical exercises: secure configuration, vulnerability scanning, attack simulation and remediation planning.

Course Customization Options

• To request a customized training for this course, please contact us to arrange.

This course delivers practical insights into OpenStack and private cloud security. It begins with an introduction to the system, followed by hands-on training on securing private clouds and hardening OpenStack installations. Throughout the course, each core OpenStack module is explored in detail. Participants will construct virtual identity, image, network, compute, and storage resources while addressing relevant security considerations. Each attendee receives a dedicated training environment featuring a complete OpenStack installation tailored to a selected cloud architecture (e.g., storage, networking). The training can be highly customized to meet specific client requirements.

Customization options
The course can be condensed into a 2-day session focusing on core aspects most relevant to the customer. Alternatively, it can be expanded to cover administrative, design, networking, and/or troubleshooting topics related to OpenStack deployments.