October 30–31, 2016: Training
October 31–November 2, 2016: Tutorials & Conference
New York, NY

Pragmatic cloud security (AWS edition)

James Arlen (Securosis)
9:00am - 5:00pm Sunday, October 30 - Monday, October 31
Location: Concourse G

Participants should plan to attend both days of this 2-day training. Training passes do not include access to tutorials on Monday.

Average rating: ****.
(4.00, 2 ratings)

Prerequisite knowledge

  • Familiarity with Linux, shell, and basic scripting (Bash, Python, and/or Ruby)
  • A solid understanding of security fundamentals, especially basic networking, including CIDR notation and simple firewall rules

What you'll learn

  • Understand core AWS security, with an emphasis on network security, IAM, and monitoring
  • Gain an introduction to automating cloud security to manage and enforce controls across services and accounts
  • Learn how to leverage cloud architectures to enhance security beyond what is possible for comparable cost in traditional data centers


Cloud computing has evolved from a bleeding-edge technology to the dominant platform for building and deploying new applications and services. While there are plenty of hand-wringing FUD sessions at industry conferences, there are few opportunities to learn the practical, hands-on skills for security IaaS and PaaS deployments. Many of your security skills still apply in the cloud, but you need to leverage them in new ways.

James Arlen leads a hands-on exploration of techniques for protecting the cloud, with extensive labs in Amazon Web Services. The first day focuses on root account security, virtual networking security, IAM, and logging/monitoring; the second day covers leveraging PaaS services, using immutable infrastructure, and automating security controls.

If you’re responsible for designing or architecting security for infrastructure- and/or platform-as-a-service deployments, if your organization is moving into cloud computing and you need the skills to defend it, or if you’re interested in learning how to secure Amazon Web Services and implement security automation for the cloud, this tutorial is for you.

Photo of James Arlen

James Arlen


James Arlen is a member of Heroku’s security team assisting customers in understanding how Heroku enables security programs and reduces the impact of compliance and security operations allowing them to move fast and focus on their apps. Over the past 20 years, James has delivered information security solutions to Fortune 500, TSE 100, and major public-sector organizations. James is a frequent speaker at industry conferences and a prolific contributor to standards bodies and media. He is also a contributing analyst with Securosis and has a recurring column in Liquidmatrix Security Digest. He is best described as an infosec geek, hacker, social activist, author, speaker, and parent.

Comments on this page are now closed.


James Arlen
10/09/2016 12:44pm EDT

Hey Brad!

You’ll need a laptop – doesn’t matter what operating system as long as it can run a modern web browser and an SSH client. If it’s a Mac and runs Mavericks or later, you’re good. If it’s Windows 7/8/10 and download the Putty SSH client, you’re good. If it’s Linux and less than 5 years old, you’re good.

Note that Windows RT, Chromebooks, Android devices and iOS devices might work or can be made to work, but I won’t be able to support you much in the class environment.

Setup instructions will be mailed out a week before the class to all registered attendees.

Brad Lohnes
10/09/2016 12:29pm EDT

Hi. What do we need to bring to this training workshop? Laptop with Linux? Or is everything provided? Cheers.