Hands-On Labs Added March & April 2025: AWS Blue Teaming

Cybr's March and April 2025 Hands-On Labs launches for AWS Blue teams

We added two new Hands-On Labs to Cybr’s growing labs catalog, both of which focus on AWS security blue teaming activities. Let’s check them out!

Securing S3 Against Ransomware with YES3

YES3 S3 Ransomware Hands-On Lab
View lab >

Learn how to identify and remediate common S3 security misconfigurations that can lead to S3 ransomware vulnerability (and other issues) using Fog Security’s YES3 Scanner tool. Explore a pre-configured AWS S3 bucket with intentional security misconfigurations, run security scans to detect issues like disabled public access blocks, inadequate encryption, disabled versioning, and missing logging configurations. Then, implement security best practices by enabling versioning, turning on block public access, and removing public bucket policies. By the end of the lab, you will understand how to assess S3 security posture, address vulnerabilities that could lead to unauthorized access or ransomware attacks, and verify their remediation efforts through follow-up scans.

Policy as Code with CloudFormation Guard

Policy as Code with CloudFormation Guard Hands-On Lab Banner
View lab >

Learn how to implement policy-as-code using AWS CloudFormation Guard – an open-source tool that helps validate infrastructure templates against organizational policies. You’ll install Guard, create a simple CloudFormation template defining an S3 bucket, and write Guard rules to enforce security standards like proper bucket naming conventions and versioning requirements. You’ll then run Guard and see how it identifies non-compliant resources. You’ll then correct the policy violations and verify compliance – demonstrating how policy-as-code can help catch configuration mistakes before deployment and ensure your infrastructure follows corporate governance standards.

See you next month with more AWS security labs!

View all of our Hands-On Labs >

Get started for free >

Related Articles

Responses

Your email address will not be published. Required fields are marked *