🔐 key topics covered

• cloud security architecture: designed and redesigned secure applications tailored for the cloud, applying shared responsibility models.
• identity & access management (IAM): implemented least privilege, RBAC, MFA, and delegated roles across providers.
• data protection: applied encryption in transit/at rest, tokenization, key management, and data classification strategies.
• cloud compliance: addressed SOC 2, HIPAA, and ISO 27001 requirements in assignments.
• cloud platform deep dives: explored AWS, Azure, and GCP security tools and configurations.
• incident response & forensics: investigated cloud breaches and applied forensics for ephemeral environments.
• cloud-based vulnerability assessment: scanned and tested infrastructure while respecting ethical limitations.

🧪 hands-on learning

• configured IAM roles, encryption policies, and logging in AWS, Azure, and GCP.
• secured cloud-hosted applications with layered security controls.
• performed forensic analysis of simulated cloud incidents.
• ran vulnerability scans on cloud-hosted assets.

tools & environment

• cloud platforms: AWS, Azure, GCP
• IAM & security tools: AWS IAM, Azure AD, GCP IAM, Key Management Service (KMS)
• compliance & monitoring: AWS Config, Azure Security Center, GCP Security Command Center
• forensics & IR: CloudTrail, Azure Monitor, GCP Cloud Logging

outcomes

Built practical skills in securing cloud applications, managing identity, protecting sensitive data, and responding to cloud-specific threats. Developed the ability to architect secure cloud environments aligned with compliance requirements and industry best practices.