PCI DSS Cloud Audit - beta
Beta version of course to help you audit PCI DSS implementations in the cloud.
This course focusses on a methodical approach to auditing cloud applications built on IaaS and PaaS. The content is structured around the 12 requirements of PCI DSS, but the overlap with other compliance standards is high.
For each requirement we will talk about the way to verify this on Amazon Web Services and Microsoft Azure. There is also a set of labs associated with this course.
Your Instructor
I am one of the most experienced independent IT security and cloud trainers worldwide. Since 2011 I am focussed on developing and delivering training, mainly related to business value and business risk of cloud computing, but also in Zero Trust, governance, audit and Artificial Intelligence.
My background is broad. I worked as a researcher and instructor at Twente University, as a project leader and consultant at EDS and an internet provider, and as an IT strategy, IT risk and digital infrastructures consultant at Deloitte.
I have done strategy and implementation projects at small and large organisations and public sector, across the world.
In the past years I had an additional position as associate professor of cyber security and cloud.
Course Curriculum
-
PreviewWelcome and intro to the program
-
StartExample IT supply chain: mobile app (3:55)
-
StartWhat are the essentials of cloud? Domain 1 of CCSK.
-
StartCCSKv4 Domain 1 questions
-
StartCloud Service models
-
StartService Model Game
-
StartShared responsibility model
-
PreviewServices of the Major Cloudproviders, and how they map
-
StartCourseware for the Major Cloudproviders
-
Preview2023 - PCI DSS v4.0 - Microsoft Azure Attestation of Compliance
-
Preview2023 - PCI DSS v4.0 - Microsoft Azure Shared Responsibility Matrix
-
StartAzure - Germany - PCI Penetration Test Report redacted (January 2019)
-
Start2023 - Google Cloud Platform: PCI DSS v4.0 Shared Responsibility Matrix