AWS security Threats, Tactics, and Defenses: Case Studies
RCCE students will learn Amazon Web Services security architecture and operations including IAM policies, VPC security, Security Hub, GuardDuty, CloudTrail analysis, S3 bucket security, KMS encryption, and Lambda function security. RCCE students will learn to secure AWS workloads using native and third-party security controls, configure IAM least-privilege policies, design secure VPC architectures with security groups and NACLs, enable and analyze CloudTrail logs for security investigations, detect misconfigurations using AWS Config and Security Hub, respond to alerts from GuardDuty, and implement automated security remediation using Lambda and Step Functions. This threat-focused course teaches students to think like adversaries while building robust defenses. Building on core knowledge, RCCE students will learn to analyze attack techniques, build detection logic, and implement defensive strategies that proactively identify threats before they cause damage. Students develop a threat-informed mindset that drives better security decisions across all operational activities.
- Cloud Security Architects and Engineers
- DevSecOps and Platform Engineers
- Identity and Access Management Specialists
- Security Analysts securing cloud workloads
- Professionals implementing AWS security Threats, Tactics, and Defenses: Case Studies
- Execute hands-on tasks for case studies
- Execute hands-on tasks for core security skills — covering Secure IAM with least-privilege policies.
- Execute hands-on tasks for advanced operations — covering misconfigurations via Config and Hub.
- Design a scalable privilege management architecture with policy and enforcement
- Execute hands-on tasks for customer responsibility — covering Physical data center security, IAM policies and access management.
- Execute hands-on tasks for aws security service landscape
- Execute hands-on tasks for security hub — covering Aggregated findings,, API audit logs, event.
- Execute hands-on tasks for users & groups
- Execute hands-on tasks for roles & policies
- Manage service account privileges, rotation, and access boundaries, including Individual identities with, Assume-role for temporary creds, and Instance profiles for EC2.
- Execute hands-on tasks for action scoping — covering only specific API actions needed.
| Module 01 | Case Studies |
| Module 02 | Core Security Skills |
| Module 03 | Advanced Operations |
| Module 04 | AWS Shared Responsibility Model |
| Module 05 | Customer Responsibility |
| Module 06 | AWS Security Service Landscape |
| Module 07 | Security Hub |
| Module 08 | IAM Architecture Fundamentals |
| Module 09 | Users & Groups |
| Module 10 | Roles & Policies |
| Module 11 | Service Accounts |
| Module 12 | Action Scoping |
| Module 13 | Resource Scoping |
| Module 14 | Condition Keys |
All hands-on labs run on Rocheston Rose X OS. Students practice aws security threats, tactics, and defenses: case studies by implementing the controls discussed in class, with a focus on real-world deployment, monitoring, and validation.
- Lab 1: Execute hands-on tasks for case studies
- Lab 2: Execute hands-on tasks for core security skills
- Lab 3: Execute hands-on tasks for advanced operations
- Lab 4: Design a scalable privilege management architecture with policy and enforcement
- Lab 5: Execute hands-on tasks for customer responsibility
Upon successful completion of this course, students will receive an official RCCE Course Completion Certificate for AWS security Threats, Tactics, and Defenses: Case Studies, verifiable through the Rocheston certification portal.
- Full access to all course materials and slide decks
- Hands-on lab access on Rocheston Rose X OS environment
- Access to Rocheston CyberNotes
- Access to Rocheston Zelfire — EDR/XDR SIEM platform
- Access to Rocheston Raven — online cyber range exercise platform
- Access to Rocheston Vulnerability Vines AI