Home

Awesome

<br/> <div align="center">

A curated list of awesome cloud security related resources.

</div> <br/>

Awesome Cloud Security

🛡️ Awesome Cloud Security Resources ⚔️

Contents

Standards

Compliances

Benchmarks

Tools

Infrastructure

Container

SaaS

Penetration testing/learning

Native tools

Reading Materials

AWS

  1. Overiew of AWS Security
  2. AWS-IAM-Privilege-Escalation by RhinoSecurityLabs: A centralized source of all AWS IAM privilege escalation methods.
  3. MITRE ATT&CK Matrices of AWS
  4. AWS security workshops
  5. ThreatModel for Amazon S3: Library of all the attack scenarios on Amazon S3, and how to mitigate them following a risk-based approach

Azure

  1. Overiew of Azure Security
  2. Azure security fundamentals
  3. MicroBurst by NetSPI: A collection of scripts for assessing Microsoft Azure security
  4. MITRE ATT&CK Matrices of Azure
  5. Azure security center workflow automation

GCP

  1. Overiew of GCP Security
  2. GKE security scenarios demo
  3. MITRE ATT&CK Matrices of GCP
  4. Security response automation

Others

  1. Cloud Security Research by RhinoSecurityLabs
  2. CSA cloud security guidance v4
  3. Appsecco provides training
  4. Cloud Risk Encyclopedia by Orca Security: 900+ documented cloud security risks, with ability to filter by cloud vendor, compliance framework, risk category, and criticality.

Free Courses

  1. AWS Security

Paid Courses

  1. DevSecOps – Kubernetes DevOps & Security
  2. DevSecOps: Insecure Docker Registry
  3. Learn Cloud Security, Kubernetes, DevSecOps, and more
  4. Certified Kubernetes Security Specialist (CKS)

Bootcamps

  1. On-Demand: DevSecOps: Beginner Edition Bootcamp
  2. On-Demand: Cloud Security: AWS Edition Bootcamp
  3. On-Demand: Container Security: Beginner Edition Bootcamp

Trainings

  1. Attacking and Defending AWS

Certifications

  1. CCSP – Certified Cloud Security Professional
  2. AWS Certified Security - Specialty
  3. Microsoft Certified: Azure Security Engineer Associate
  4. Certified Kubernetes Security Specialist (CKS)

Resource

AWS

  1. Bucket search by grayhatwarfare

Others

  1. Mapping of On-Premises Security Controls vs. Major Cloud Providers Services

Contributing

See contributing