Overview

A Cloud Security Engineer is responsible for securing cloud workloads on Alibaba Cloud by implementing and managing robust security policies, practices, and technologies. This role emphasizes safeguarding applications and data from potential threats and vulnerabilities. The Cloud Security Engineer works closely with other roles to enhance the overall security posture

Skills Covered

  • Workload Security Implementation: Proficient in securing cloud workloads through the application of best practices and technologies, ensuring the confidentiality, integrity, and availability of resources.
  • Proficiency in Security Services: Expertise in Alibaba Cloud security services, including Anti-DDoS, Security Center, Web Application Firewall (WAF), Bastionhost for secure access, Cloud Firewall (CFW), and Key Management Service (KMS).
  • Threat Detection and Incident Response: Skilled in monitoring and responding to security incidents using integrated security tools and services, including familiarity with SIEM and SOAR solutions to enhance risk governance.
  • Security Automation: Knowledge of automating security processes using services such as Cloud Monitor for automated alerts and ActionTrail for auditing API usage.

Prerequisites

Target Audience

Cloud Security Engineers

Course Curriculum

Module 1: Cloud Security Basics

  • Introduction to Cloud Security
    • What is security in the cloud
    • Importance of cloud security
    • Security responsibilities in the cloud
      • Security considerations for different service models
      • Shared security responsibility model
    • Alibaba Cloud security services portfolio
    • Compliance and security standards
    • Important compliance and regulations

Module 2: Identity and Access Management on Alibaba Cloud

  • Resource Access Management Fundamentals
    • Importance of access control
      • Concept of identity on the cloud
      • Principle of least privilege
    • What is RAM
      • Authentication and authorization
      • How RAM works
    • User and role management
      • Planning username conventions & management
      • Manage roles, not users
      • RAM roles
    • Implementing access control policies
      • Access control methods
      • Role-based access control
      • Attribute-based access control
      • RAM policies
      • Writing secure and manageable policies

Module 3: Host Security on Alibaba Cloud

  • Cybersecurity Basics
    • Understanding cybersecurity technologies
      • What is SIEM
      • What is SOAR
    • Host security on the cloud
      • Risks and mitigation strategies specific to cloud hosts
      • Importance of securing both instances and network interfaces
    • Security Center Fundamentals
    • Bastionhost Fundamentals
    • ActionTrail Fundamentals
      • What is ActionTrail
      • Understanding the importance of action auditing, tracking API calls, and configuration changes

Module 4: Data Security on Alibaba Cloud

  • Data Security on Alibaba Cloud
    • Built-in data protection mechanisms (OSS, RDS, SSL)
    • Popular encryption methods
    • Protecting data-at-rest and data-in-transit
      • Importance of SSL/TLS in data transmission
    • Key Management Service Fundamentals
      • What is KMS
      • Concepts & components
      • Basic operations
      • Managing and rotating keys in KMS

Module 5: Network Security and Threat Mitigation on Alibaba Cloud

  • Web Application Security
    • Common cyber attacks across the network stack
    • DDoS attacks
    • OWASP Top 10 threats
  • Cloud Firewall Fundamentals
  • Web Application Firewall Fundamentals
  • Anti-DDoS Fundamentals

Dates & Locations

Let’s make it work for you

Can’t find a date that fits? Need to train your whole team? Looking for a discount?
Speak to one of our learning experts today.

x Clear all selections

August 11, 2026 - August 11, 2026

Location: Kuala Lumpur
Modal: ILT
Availability: TBC
RM 2000

August 11, 2026 - August 11, 2026

Location: Online
Modal: VILT
Availability: TBC
RM 2000

October 13, 2026 - October 13, 2026

Location: Kuala Lumpur
Modal: ILT
Availability: TBC
RM 2000

October 13, 2026 - October 13, 2026

Location: Online
Modal: VILT
Availability: TBC
RM 2000

December 8, 2026 - December 8, 2026

Location: Kuala Lumpur
Modal: ILT
Availability: TBC
RM 2000

December 8, 2026 - December 8, 2026

Location: Online
Modal: VILT
Availability: TBC
RM 2000
Trainocate exam and cert

Exam & Certification

Alibaba Cloud Certified Associate: Cloud Security Engineer

Training & Certification Guide

Frequently Asked Questions

Speak to a Training Consultant

All courses are HRD Claimable.
Get in touch with our team via the form or WhatsApp us on +6011-5119 6631

Preferred mode of training
Checkboxes