• 708.689.0131
  • Contact us
  • Login
Infosec Logo
  • Infosec Logo
  • Products
  • Solutions
  • Resources
  • Company
  • Partners
  • Product overview
  • Infosec IQ logo Security awareness & culture
  • Infosec Skills logo On-demand training & cyber ranges
  • Infosec Skills Live Boot Camps logo On-demand training & cyber ranges
  • Infosec IQ overview
  • Security awareness training
  • Phishing simulator
  • Reporting & assessments
  • Integrations & automation
  • Global administration
  • Browse all training
  • Pricing & features
  • Demo
  • Infosec Skills overview
  • Role-guided training
  • Infosec Skills Teams
  • Cyber ranges & labs
  • Certifications & CPEs
  • Skill assessments
  • Browse all training
  • Pricing & features
  • Book a meeting
  • Live boot camps
  • Infosec Institute certifications
  • DoD 8570 certifications
  • Get team boot camp pricing
  • View boot camp schedule
  • Book a meeting
  • Pre-built training plans
  • Compliance, industry & role-based training
  • Custom education
  • Personalized learning
  • Languages
  • Gamified learning
  • 1000+ phishing templates
  • Simulation types
  • Phishing email reporter
  • Dashboard reports
  • Security culture survey
  • Assessments
  • Learner analytics
  • Learner management
  • Threat response orchestration
  • Integrations
  • 52 NICE Work Roles
  • SOC Analyst
  • Cloud Security Engineer
  • Security Manager
  • ICS Security Practitioner
  • Security Engineer
  • Penetration Tester
  • Digital Forensics Analyst
  • Information Risk Analyst
  • Security Architect
  • Secure Coder
  • Boot camp overview
  • CISSP Boot Camp
  • Security+ Boot Camp
  • Ethical Hacking Boot Camp
  • CCNA Dual Cert Boot Camp
  • CASP+ Boot Camp
  • CCSP Boot Camp
  • CISM Boot Camp
  • CySA+ Boot Camp
  • PMP Boot Camp
  • Browse all boot camps
Choose Your Own Adventure

Security awareness games by Infosec

Click to Play

On-demand training for every cybersecurity role

Download Catalog

Certification training from industry experts

Get Pricing
  • Solutions overview
  • By organization type
  • By need
  • For business teams
  • For government & contractor teams
  • For MSPs & resellers
  • Security awareness
  • Phishing simulation
  • Technical skill development
  • IT certification
  • Compliance & framework
  • CMMC certification

    2021 IT & Security Talent Pipeline Study

    Download Now
    • Cyber Work
    • Webcasts
    • Case studies
    • Reports & whitepapers
    • Blog
    • Community
    • Infosec Inspire
    • Free tools
    • Cyber Work Podcast
    • Cyber Work Applied
    • Infosec Insiders
    • TechExams
    • YouTube
    • LinkedIn
    • Facebook
    • Twitter
    • Phishing Risk Test
    • Security awareness ROI calculator
    • Security awareness training plans
    • Security awareness buyer’s guide

      Cyber Work Podcast

      New cybersecurity career conversations every week

      Listen Now
      • About us
      • Events & webcasts
      • Careers
      • Scholarships & awards
      • Infosec Gives
      • Infosec Gives Partner Program
      • About us
      • Leadership
      • Newsroom
      • Recognition
      • Industry alliances
      • Infosec Hall of Fame
      • Infosec Security Awareness Awards
      • Infosec Accelerate Scholarship Program

        We’re hiring!

        Join a team dedicated to making a difference.

        Get To Know Us

        Cloud Penetration Testing Training Boot Camp

        Learn how to conduct penetration tests on cloud services and applications! This boot camp goes in-depth into the tools and techniques used to exploit and defend cloud infrastructure components with a combination of hands-on labs and expert instruction.

        View Pricing Book a Boot Camp
        cloud-penetration-testing-boot-camp

        Become a Certified Cloud Penetration Tester, guaranteed!

        • Five days of expert, live CCPT training
        • Exam Pass Guarantee
        • Exam voucher
        • Unlimited practice exam attempts
        • 100% Satisfaction Guarantee
        • Free annual Infosec Skills subscription ($299 value!)
        • 1-year access to all boot camp video replays and materials
        • Pre-study learning path
        • Hands-on cyber ranges and labs
        • Knowledge Transfer Guarantee

        Hands-on labs

        Get hands-on penetration testing experience in our custom-built cloud-based lab environment. You will practice using OSINT tools and techniques to gather information about target services and public buckets, abusing metadata endpoints, stealing credentials from cloud instances, attacking storage and database service misconfigurations, and more. You will also learn remediation steps so that the cloud service provider can properly close the security hole.

         

        View full course schedule

        Training overview

        Infosec’s Cloud Penetration Testing Boot Camp is a practical, hands-on training focused on teaching you the skills, tools and techniques required for conducting comprehensive security tests of cloud servers and applications.

        You will learn the secrets of cloud penetration testing in an immersive environment, including exploiting and defending AWS and Azure services, building your pentesting toolbox in the cloud, and diving deep into security features and vulnerabilities of cloud infrastructure. You will also learn how to deal with the unique challenges presented by cloud pentesting, such as multi-tenant environments and pivoting. The boot camp also prepares you to earn the Certified Cloud Penetration Tester (CCPT) certification.

        What you'll learn

        This boot camp provides hands-on cloud infrastructure penetration testing experience and prepares you to earn the CCPT certification. You will leave with skills and in-depth knowledge of the five CCPT domains:

        • Common vulnerabilities in cloud environments
        • Security features of popular cloud platforms
        • Cloud pentesting process and requirements
        • Cloud pentesting tools
        • Reporting cloud pentest findings and providing recommendations

        Who should attend?

        • Penetration testers
        • Cloud and system administrators
        • Application developers
        • DevSecOps engineers
        • Security consultants
        • Security analysts

        Prerequisites

        Familiarity with cloud and penetration testing concepts and at least one year in an information security role, or equivalent experience, is recommended.

        Everything you need to earn your CCPT

        • Five days of expert, live CCPT training
        • Exam Pass Guarantee
        • Exam voucher
        • Unlimited practice exam attempts
        • 100% Satisfaction Guarantee
        • Free annual Infosec Skills subscription ($299 value!)
        • 1-year access to all boot camp video replays and materials
        • Pre-study learning path
        • Hands-on cyber ranges and labs
        • Knowledge Transfer Guarantee
        Everything you need to earn your CCPT
        View Pricing

        Exam Pass Guarantee

        We guarantee you’ll pass your exam on the first attempt. Learn more. 

         

        CCPT training schedule

        Infosec’s CCPT training is more than just a boot camp. We support you before, during and after your live training to ensure you’re fully prepared for your exam — and get certified on your first attempt.

        • Before your boot camp
          • Start learning now. You’ll get immediate access to all the content in Infosec Skills the moment you enroll. Prepare for your live boot camp, uncover your knowledge gaps and maximize your training experience.

        • During your boot camp
          • Cloud pentesting process and requirements

            • The need for cloud pentesting
            • Cloud architecture fundamentals
            • Cloud security responsibilities (within service models)
            • Unique challenges for cloud pentesting
            • Multi-tenancy considerations (data privacy, legal requirements, rules of engagement)
            • Cloud attack surface
            • Virtualization concepts
            • Pentesting methodologies
            • Cloud pentesting process
            • Pentesting tools: traditional and cloud-specific
            • Setting up a cloud pentesting environment

            Reconnaissance in the cloud

            • OSINT techniques
            • Azure and AWS IP ranges
            • Tools for obtaining IP and host information (Shodan, Censys, Google dorks)
            • Enumerating access with Nimbostratus, ScoutSuite and Prowler
            • Finding exposed buckets
            • Bucket enumeration with Slurp
            • Service discovery

            Attacking AWS

            • AWS security features
            • AWS Console overview
            • Working with AWS CLI
            • Exploiting remote access protocols (SSH , RDP)
            • Exploiting application security misconfigurations
            • Abusing EC2 metadata
            • Stealing IAM credentials
            • EC2 IMDSv2
            • Attacking lambda endpoints
            • Assessments with AWS Inspector
            • Attacking misconfigured S3 buckets
            • Discovering and stealing EBS snapshots
            • Recovering data from EBS snapshots
            • Exploiting AWS RDS misconfigurations
            • RDS data pilfering with AWS CLI and Amazon API
            • Persistence

            Attacking Azure

            • Understanding Azure Services
            • Mapping Azure Services to AWS Services
            • Attacking Azure Virtual Machines
            • Attacking Azure Blob Storage misconfigurations
            • Extracting data from disk snapshots
            • Subdomain takeover via Azure App Services
            • Gaining shell access with Azure run command
            • Finding and examining Azure SQL Database servers

            Attacking containerized and serverless applications

            • Understanding containers
            • Working with Docker
            • Container breakout
            • Exploiting misconfigured containers
            • Trojanized Docker images
            • Understanding Kubernetes
            • Attacking deployed applications
            • Attacking Kubernetes clusters
            • Understanding AWS Lambda
            • Attacking serverless applications

            Reporting

            • Cloud security frameworks and best practices
            • Collecting and reporting evidence in cloud accounts, aliases, metadata, keys and AMIs
            • Developing and communicating follow-up items
        • After your boot camp
          • Your boot camp includes a 1-year subscription to Infosec Skills, so you can take additional time to prepare for your exam, get a head start on your next certification goal or start earning CPEs.

        Public Cloud Penetration Testing from the Customer Viewpoint

        Is cloud-based penetration testing different from that conducted on-premises? What are its limitations and what determines them? Let’s discuss it further.

        Learn More

        Penetration Testing and Cloud Platforms

        With the move towards the use of more and more cloud-based infrastructure and applications, some complications arise around this Penetration Testing. Learn more about the issue and limitations.

        Learn More

        Cloud Pentesting Certification Boot Camp: The ultimate guide

        The CCPT certification is offered by the Infosec Institute to validate an applicant’s skills in cloud hacking and penetration testing. The certification is designed to demonstrate that an applicant has expert-level knowledge regarding Azure and AWS penetration testing and experience in using cloud-based pentesting tools.

        Learn More

        Find your boot camp

        Take the course online?
        Learn more about online
        866.471.0059
        • Today
        • Next week
        • Next month
        See additional dates

        Sign up

        Enroll in a boot camp

          See additional dates
          Infosec logo

          Products

          Infosec IQ Security awareness, culture & phishing simulator Infosec Skills Hands-on skill development & boot camps

          Resources

          Cyber Work Blog Infosec Inspire Events & webcasts

          Company

          Contact us About Infosec Careers Newsroom Partners
          • ©2022 Infosec Institute, Inc.
            • Trademarks
            • Privacy Policy

          Infosec, part of Cengage Group

          We use cookies to personalize your experience and optimize site functionality. Accept Cookie settings
          Privacy & Cookies Policy

          Infosec cookie notice

          We use cookies to help understand your needs, optimize website functionality and give you the best experience possible. Use this policy to understand how, when and where cookies are stored on your device. 

          Want to know more? Contact [email protected].
          Necessary
          Always Enabled
          This type of cookie helps keep our website functioning. They provide access to account-based features and other secure areas of our site, and do not store information about you that could be used for marketing. This category of cookies cannot be disabled.
          Analytics
          Google Analytics cookies help us understand how visitors use our site. All data collected from Google Analytics is anonymized (including your IP address) and stored by Google on U.S. servers.
          Marketing
          We use this type of cookie to optimize our marketing campaigns. Marketing cookies are delivered by our database when you visit our site, complete a form or open email from us. Information stored in this cookie includes personal information like your name and what pages you view on our site.
          Save & Accept