Many cloud-focused tools and third-party vendors require access to your organization’s cloud account. Sure, you could open up the flood gates and allow full, administrative access, but do those vendors and tools need that level of access? Most likely, no. In an age of increased supply chain and upstream vendor compromises, we must ensure that we are limiting any and all external access to what is truly needed and nothing more. In this workshop, you will allow a third party vendor (Blue Mountain Cyber) access to your cloud account and, in return, an automated security assessment of your AWS account will be performed. But there’s a twist: To get these results, you must first limit access to ONLY what is needed to perform this audit. Too much or too little access? No report for you!
Learning Objectives:
Who Should Attend:
Pre-requisite Knowledge:
None.
System Requirements:
This workshop supports concepts from SEC488: Cloud Security Essentials.