After this lesson, you will be able to: Understand the shared responsibility model in depth: what the cloud provider secures versus what you secure, and how it differs across IaaS, PaaS, and SaaS.
Most companies run in the cloud, and most cloud breaches come from customer misconfiguration, not provider failure. This subtrack covers the shared responsibility model, IAM misconfigurations, cloud attack techniques, security tooling, and secrets, with a hands-on CloudGoat scenario.
This is a free introductory lesson. No purchase required.
The provider secures the cloud (physical data centers, hardware, the hypervisor, managed-service internals); you secure what you put in the cloud (your data, IAM configuration, network rules, application code, and OS patching where applicable). The line moves with the service type: with IaaS (EC2) you patch the OS and configure everything; with PaaS (App Service) the provider handles the OS; with SaaS the provider handles almost everything except your data and access settings. Misunderstanding where the line sits is the root of many breaches.
The headline cloud breaches were misconfigurations: public S3 buckets exposing millions of records, overly permissive IAM roles, and exposed metadata services. The provider's infrastructure was not breached; the customer's configuration was wrong. This subtrack focuses on exactly those customer-side mistakes because that is where the risk and the jobs are.