Need to audit PCI DSS implementations in the cloud?

Working to demonstrate your PCI DSS compliance in your cloud application?

Or just trying to find examples on how to approach any type of compliance in cloud?

This course helps you do that.

The main assumptions are that the implementation is based on IaaS and PaaS, and you have some general understanding (or better) of PCI and cloud security. Consequently, we'll often discuss how cloud is different from 'traditional' IT, rather than discussing cloud audit from the ground up.

We are also focussing on the technical and architectural side of reviewing controls. Other than cloud provider documentation, we won't be looking much into policies and procedures.

Warning: This course is in beta...

If you have a cloud certification of some kind, you should be able to skip most of the introduction to cloud section.

The unit on 'Courseware for the major cloudproviders' helps you dive deeper in technical cloud security. If you have a security certification of one of them, you could skip that too, though you'll probably want to return to it later.

If you have detailed knowledge of the PCI DSS documents on cloud, you can probably skip that section as well.