Training by LEO Cyber Security Experts

Cloud Security Fundamentals

Name: SANS SEC524: Cloud Security Fundamentals
Location: Dallas, TX US
Date: Thu Dec 7, 2017 – Fri Dec 8, 2017
Instructor: Andrew Hay, CTO, LEO Cyber Security

Register Here

You Will Learn:

  • – Foundations of cloud policy and contracts
  • – Cloud risks, including threats and vulnerabilities
  • – The 14 domains of the Cloud Security Alliance’s cloud security research
  • – Best practices for securing multiple layers of the cloud stack
  • – How to adapt security architecture, tools, and processes for use in cloud environments
  • – Everything you need to know to pass the CSA Certificate of Cloud Security Knowledge (CCSK) exam!

Cloud Security Architecture and Operations

Name: SEC545: Cloud Security Architecture and Operations
Location: San Francisco, CA US
Date: Monday, January 22, 2018 – Friday, Jan 26, 2017
Instructor: Andrew Hay, CTO, LEO Cyber Security

Register Here

This course will prepare you to:

  • – Revise and build internal policies to ensure cloud security is properly addressed
  • – Understand all major facets of cloud risk, including threats, vulnerabilities, and impact
  • – Articulate the key security topics and risks associated with SaaS, PaaS, and IaaS cloud deployment models
  • – Evaluate Cloud Access Security Brokers (CASBs) to better protect and monitor SaaS deployments
  • – Build security for all layers of a hybrid cloud environment, starting with hypervisors and working to application layer controls
  • – Evaluate basic virtualization hypervisor security controls
  • – Design and implement network security access controls and monitoring capabilities in a public cloud environment
  • – Design a hybrid cloud network architecture that includes IPSec tunnels
  • – Integrate cloud identity and access management (IAM) into security architecture
  • – Evaluate and implement various cloud encryption types and formats
  • – Develop multi-tier cloud architectures in a Virtual Private Cloud (VPC), using subnets, availability zones, gateways, and NAT
  • – Integrate security into DevOps teams, effectively creating a DevSecOps team structure
  • – Build automated deployment workflows using AWS and native tools
  • – Incorporate vulnerability management, scanning, and penetration testing into cloud environments
  • – Build automated and flexible detection and response programs using tools like AWS-IR, CloudWatch, CloudTrail, and AWS Lambda
  • – Leverage the AWS CLI to automate and easily execute operational tasks
  • – Set up and use an enterprise automation platform, Ansible, to automate configuration and orchestration tasks
  • – Use CloudWatch, CloudFormation, and other automation tools to integrate automated security controls into your cloud security program


LEO is a seasoned team of cyber trailblazers and creative practitioners who have the deep experience and operational knowledge to combat the cyber skills gap. From information security program / policy development to virtual security experts to on-demand threat hunting and response, LEO delivers tailored security solutions to your organization through creativity, experience, and commitment.