UC – AWS Security

By Carlos Polop
7433

AWS secures the physical data centers and hypervisors, but customers own the identity, configuration, encryption, and monitoring layers. Mastering this sharedโ€‘responsibility model means designing least privilege on day one, isolating workloads by account, and wiring continuous detection so every drift or rogue API call is caught, before it becomes tomorrowโ€™s headline. Bottom line… most of AWS Security is up to YOU!

The goal for this Free Upskill Challenge by Carlos Polop of HackTricks is to:

  • Inspire you to learn even more far beyond the 20 – 30 minutes of this UC.
  • Give you an introduction to the basics and best-practices for securing your AWS environment.
  • Show you some actions you can take immediately to reduce your attack surface.

Price = FREE!

Upskill Now! >

Whatโ€™s an Upskill Challenge (UC)?

A UC is a CTF-style, bite-sized lesson from the JHT Team, our courseware developers as well as โ€œfriendsโ€ of JHT. They are meant to be short and to the point. UCs focus on a single tool or concept and are helpful in quickly providing useful skills that might be prerequisites for other types of educational content on the platform.

A UC should be 10 โ€“ 30 minutes of student time and have no VMs. There are quizzes to make sure that the content is understood.

Prerequisites for “UC – AWS Security”

UCs assume no knowledge at all! Theyโ€™re meant to be completely self-contained, so all of the answers are in the lesson. No outside research is required.

Upskill Now! >
Just Hacking Training (JHT) - Carlos Polop

Carlos Polop

Carlos Polop has a degree in Telecommunications Engineering with a Master in Cybersecurity. He has worked mainly as Penetration Tester and Red Teamer for several companies and has several relevant certifications in the field of cybersecurity such as OSCP, OSWE, CRTP, eMAPT, eWPTXv2, OSMR, ARTE, GRTE, AzRTE, et al. He was captain of the Spanish team in the ECSC2021, member of Team Europe for the ICSC2022 and trainer of the Team Europe in 2024&25. And he has spoken at several international conferences such as DEFCON31. is an experienced penetration tester, red teamer and programmer. Since he started learning cybersecurity, he has tried to share his knowledge with the InfoSec community by publishing open-source tools such as PEASS-ng – Privilege Escalation Awesome Scripts SUITE new generation. He is also the author of HackTricks, the popular online publication that anyone can consult (https://book.hacktricks.xyz/ clickable link above).

Just Hacking Training (JHT) Logo
Affordable Hands-On Cybersecurity Training from Co-Founder John Hammond & 30+ All-Stars
Browse Entire CatalogBrowse Entire Catalog

Hardware Hacking 101 Is Here!

20% Off Discount Ends March 31st!
HH101 w/ Custom Kit Only $280

Thanks SF

Didn't get to the IoT Village at BSidesSF or RSAC? Play our 2 new Extended Upskill Challenges with VMs Free NOW on JHT!

Recent Releases

- Courses: WinMalDev 5, SIEMless Threat Hunting, SOC 101, IR 101, Ransomware Analysis
- Bundles: 25% Off Dark Web 1 & 2,
50% Off 7 CTFs, 75% Off 7 HALs
- Free UCs: Proxmox, Metasploit, UCx - QEMU, UCx - mitmproxy, Maritime Cybersecurity, APIs in PowerShell 7, Nessus
- Blogs: Brief History of ConDef Ecosystem,ย  ConDef MCP โ€“ Meet Your AI Teaching Asst, Blue Team Training Roadmap

Start Windows Malware Dev

WMD 1 = $40
WMD Intro Path (1-3) = 46% Off

ย 

Top Picks

The Mishaal Bundle, ConDef 2026, API Hacking, Phishing, SOC Analyst 101

Courses In Production

WMD 6, Jr WebApp Pentester, Jr Network Pentest, OS Hardening...

Explore Ways to Learn