AI & Cloud Forensics

What to expect

This course provides a foundational understanding of AI and cloud security and of cloud architectures, focusing on key cloud computing models (IaaS, PaaS, SaaS) and major providers, particularly Microsoft Azure. Participants will explore the shared responsibility model and cloud-native security controls, and gain insights into Entra ID and Microsoft 365 services.

The course covers essential logging and monitoring techniques for incident detection and response, including setting up logging in Azure and Microsoft 365, utilizing Azure Sentinel, and developing cloud-specific detection strategies using Kusto Query Language (KQL).

Students will also delve into incident response and forensics, analyzing access logs, investigating security incidents in SaaS applications, and understanding forensic techniques for Azure environments. Advanced topics will address cloud security automation, threat hunting, and the application of AI and machine learning in cloud security practices. By the end of the course, participants will be equipped with the skills to effectively secure and investigate cloud environments.

Technical Content ◆◆◇ Advanced

Audience

  • Security Operations Center Staff
  • Incident Responders
  • Cloud Security Engineers
  • Reverse Engineers
  • Software Engineers
  • System Administrators
  • Site Reliability Engineers

Applicability

This class is geared toward anybody wishing to learn more about securing, monitoring, and investigating cloud environments. This includes incident responders, security operations center staff, cloud security engineers, system administrators, detection engineers, and practitioners responsible for defending Azure, Microsoft 365, and other cloud-based services.

Objectives

  • Fundamentals of cloud computing models and shared responsibility
  • Cloud security architectures with a focus on Microsoft Azure
  • Microsoft Entra ID and Microsoft 365 security concepts
  • Cloud-native logging and monitoring for detection and response
  • Azure Sentinel and Kusto Query Language detection development
  • Incident response and forensic analysis in Azure and SaaS environments
  • Cloud threat hunting, automation, and AI-assisted security practices

Setup

  1. TBD