Cloud Penetration Testing: AWS and Azure
RCCE students will learn unique attack vectors present in public cloud environments. RCCE students will learn to apply industry-standard tools and techniques to identify weaknesses and verify security controls. The course covers practical scenarios ranging from initial setup to final reporting. RCCE students will learn to analyze complex systems and think like an attacker to better defend the organization. This comprehensive course delivers practical knowledge applicable to real-world cybersecurity operations. Starting from foundational concepts, RCCE students will learn through a combination of concept explanation, practical demonstration, and hands-on exercises.
- Security Engineers building defensive controls
- Security Analysts and Blue Team members
- Systems Administrators with security responsibilities
- GRC and Risk Professionals supporting controls
- Professionals implementing Cloud Penetration Testing: AWS and Azure
- Execute hands-on tasks for cloud penetration testing:
- Explain Course Overview & Learning Objectives fundamentals
- Execute hands-on tasks for course purpose
- Execute hands-on tasks for what you will master — covering Attack public cloud infrastructure (AWS + Azure), Cloud environment recon and enumeration.
- Execute hands-on tasks for topic map – 16 core subtopics
- Execute hands-on tasks for 1. cloud security
- Design a scalable privilege management architecture with policy and enforcement
- Execute hands-on tasks for 3. lab & toolchain setup
- Execute hands-on tasks for 6. storage misconfig
- Execute hands-on tasks for cloud security fundamentals
- Execute hands-on tasks for cloud-native security controls — covering Provider secures infrastructure; customer secures data, IAM policies as primary access control layer.
| Module 01 | Cloud Penetration Testing: |
| Module 02 | Course Overview & Learning Objectives |
| Module 03 | Course Purpose |
| Module 04 | What You Will Master |
| Module 05 | Topic Map – 16 Core Subtopics |
| Module 06 | 1. Cloud Security |
| Module 07 | 2. AWS & Azure Architecture |
| Module 08 | 3. Lab & Toolchain Setup |
| Module 09 | 6. Storage Misconfig |
| Module 10 | Cloud Security Fundamentals |
| Module 11 | Shared Responsibility Model |
| Module 12 | Cloud-Native Security Controls |
| Module 13 | Key Cloud Attack Surface |
| Module 14 | Blast radius amplified by over-permissive IAM |
All hands-on labs run on Rocheston Rose X OS. Students practice cloud penetration testing: aws and azure by implementing the controls discussed in class, with a focus on real-world deployment, monitoring, and validation.
- Lab 1: Execute hands-on tasks for cloud penetration testing:
- Lab 2: Explain Course Overview & Learning Objectives fundamentals
- Lab 3: Execute hands-on tasks for course purpose
- Lab 4: Execute hands-on tasks for what you will master
- Lab 5: Execute hands-on tasks for topic map – 16 core subtopics
Upon successful completion of this course, students will receive an official RCCE Course Completion Certificate for Cloud Penetration Testing: AWS and Azure, verifiable through the Rocheston certification portal.
- Full access to all course materials and slide decks
- Hands-on lab access on Rocheston Rose X OS environment
- Access to Rocheston CyberNotes
- Access to Rocheston Zelfire — EDR/XDR SIEM platform
- Access to Rocheston Raven — online cyber range exercise platform
- Access to Rocheston Vulnerability Vines AI