IT security is now an essential part of all areas related to information technology. It involves a range of measures and procedures designed to protect information, data, and networks from unauthorized access, misuse, damage, or loss.
Some of the basic elements of IT security include, for example, a strong password that protects access to a user account. However, it is important to keep in mind that the password itself is not enough, and therefore it is also necessary to ensure the secure storage of data, network and cloud security against attacks, and regular software and hardware updates.
In this interview, Lubomír Ošmera told us more about the new security course focused on ethical hacking and penetration testing in cloud services.
We asked Lubomir Ošmera
-
We learned that after a very successful course on Microsoft 365 - Security of a Hybrid Environment (GOC215), you prepared another security course. Tell us about it.
Yes, I'd be happy to. The previous course on Microsoft 365 - Security of a Hybrid Environment (GOC215) focused on the strategy and practical implementation of security technologies in a hybrid environment. Now I have prepared a course focused on hacking and pentesting Microsoft cloud. In this course, participants will practically try out the techniques and procedures used by real attackers to attack Microsoft 365 or Microsoft Azure. If we know the enemy, we will be more effective defenders and also find it easier to find loopholes through which the attacker could penetrate us. Graduates of the course will also better understand individual security measures and be able to practically test their effectiveness. Basically, the courses complement each other excellently.
-
Many people still think that ethical hacking and penetration testing of cloud services is no longer necessary. What is your opinion on this?
It is important to remember that if we use the cloud, we share responsibility for security with the cloud provider. That is, we do not have to worry, for example, about the physical security of servers - that is taken care of by the provider, but protecting data, identities, devices, and secure operation of applications is still our responsibility. In the context of cloud pentesting, we test our own resources inside the cloud, it is not an attack on the cloud itself, for example, using DDOS.
-
What would you do if you discovered a really critical flaw in cloud technology?
There is a Bounty program where I would report the bug and then potentially receive a nice reward. Then I would like to share the finding at some of the TechEd or Hackerfest conferences.
-
Does this course follow on from the GOC215 course, or is it sufficient to complete the GOC238 course?
The Microsoft 365 - Security of a Hybrid Environment (GOC215) course is not a necessary prerequisite. The Microsoft Azure - hacking and penetration testing (GOC238) course can be attended independently. However, basic knowledge of Microsoft 365 / Microsoft Azure cloud environment, for example at the AZ-104, MS-100 level, is a prerequisite. An advantage may also be Network Security - Hacking in Practice (GOC03), whose main focus is hacking the network infrastructure.
-
At GOPAS, other courses on ethical hacking are also taught. Which courses can participants still attend with you?
Yes, this is the aforementioned Network Security - Hacking in Practice (GOC3) and then the very popular CEH - Certified Ethical Hacker v12 PRO (CEHv12).
|
|
Lubomír Ošmera
The instructor is a consultant and architect in the field of Microsoft technologies, focusing mainly on security in the world of Microsoft (cloud and on-prem). He implements security technologies in small businesses as well as international corporations.
Lecturer certifications - MCSE, MCT, CEH, CND, CCNA, CEI
|
Increase the security of your IT systems!
In today's world, IT security threats are becoming increasingly sophisticated and constantly evolving, so it is important to stay informed about new threats and use the latest technologies to ensure security. This means that not only large companies, but also ordinary users must learn to use various tools and methods to secure their IT environment.
In any case, security is a key factor in protecting information and data from attacks, theft, and loss. Therefore, anyone who uses information technology should be interested in how to increase the security of their IT systems and protect their information and data from unwanted attacks. You can also improve the security of your IT systems by participating in our IT security and hacking courses.
