Build Better Defenses
October 29–30, 2017: Training
October 30–November 1, 2017: Tutorials & Conference
New York, NY

TRAINING: Pragmatic cloud security: AWS edition

James Arlen (Securosis)
9:00am–5:00pm Monday, October 30, 2017
Location: Clinton

Who is this presentation for?

  • You need to effectively secure cloud-based infrastructure and answer questions regarding your company’s implementation.

Prerequisite knowledge

  • Familiarity with Linux, shell, and basic scripting (bash, Python, or Ruby)
  • A solid understanding of security fundamentals, especially basic networking, including CIDR notation and simple firewall rules

What you'll learn

  • Understand core AWS security, with an emphasis on network security, IAM, and monitoring
  • Gain an introduction to automating cloud security to manage and enforce controls across services and accounts
  • Learn how to leverage cloud architectures to enhance security beyond what is possible for comparable cost in traditional data centers


Cloud computing has evolved from a bleeding-edge technology to the dominant platform for building and deploying new applications and services. While there are plenty of hand-wringing FUD sessions at industry conferences, there are few opportunities to learn the practical skills for security IaaS and PaaS deployments. Many of your security skills still apply in the cloud, but you need to leverage them in new ways.

James Arlen leads a hands-on exploration of techniques for protecting the cloud, with extensive labs in Amazon Web Services. The first day focuses on root account security, virtual networking security, IAM, and logging and monitoring; the second day covers leveraging PaaS services, using immutable infrastructure, and automating security controls.

If you’re responsible for designing or architecting security for infrastructure or platform-as-a-service deployments, if your organization is moving into cloud computing and you need the skills to defend it, or if you’re interested in learning how to secure Amazon Web Services and implement security automation for the cloud, this tutorial is for you.

Photo of James Arlen

James Arlen


James Arlen is a member of Heroku’s security team assisting customers in understanding how Heroku enables security programs and reduces the impact of compliance and security operations allowing them to move fast and focus on their apps. Over the past 20 years, James has delivered information security solutions to Fortune 500, TSE 100, and major public-sector organizations. James is a frequent speaker at industry conferences and a prolific contributor to standards bodies and media. He is also a contributing analyst with Securosis and has a recurring column in Liquidmatrix Security Digest. He is best described as an infosec geek, hacker, social activist, author, speaker, and parent.