Cloud Application Security

After completing the course, the student should be able to do the following: ● List and describe the OWASP Top 10 vulnerabilities. ● Identify methods to provide cloud security assurance as part of the development life cycle, e.g. in a continuous delivery environment. ● List and describe the different types of virtualization or sandboxing used to protect cloud applications at either the server or client. ● Describe the application of authentication factors and federated identity solutions in cloud client and server authentication. ● Given a cloud application, explain where and how the necessary crypto keys, passwords, and other security secrets should be stored and distributed

• Identify top OWASP cloud application vulnerabilities
• Apply security assurance methods in development lifecycles
• Describe virtualization and sandboxing techniques for protection
• Explain authentication factors and federated identity use
• Determine secure storage and distribution of security secrets

• Basic familiarity with cloud security terminology
• Readiness to practice through applied exercises or case studies