CT7009 - Cloud Cybersecurity (Palo Alto) (2025/26)
| Module specification | Module approved to run in 2025/26 | ||||||||||||
| Module title | Cloud Cybersecurity (Palo Alto) | ||||||||||||
| Module level | Masters (07) | ||||||||||||
| Credit rating for module | 20 | ||||||||||||
| School | School of Computing and Digital Media | ||||||||||||
| Total study hours | 200 | ||||||||||||
|
|||||||||||||
| Assessment components |
|
||||||||||||
| Running in 2025/26(Please note that module timeslots are subject to change) |
|
Module summary
This module is delivered in two main parts, the first part is Cloud Security, one of the Palo Alto Academy Programme courses. The second part is Cloud Security Deployment course that is designed to enhance student’s understanding of securing Cloud Computing technologies using an enterprise suite of services such as Prisma Cloud Compute, with an emphasis on cloud container configurations that provide visibility and control over the risks associated with deployment in both the public cloud and on premise in private data centres. In the Cloud Security course, students will learn basic principles associated with securing the cloud and SaaS-based applications through Secure Access Service Edge architecture. Students will also examine concepts required to recognize and potentially mitigate attacks against traditional and hybrid datacentres as well as mission critical infrastructure. Students will also learn how to initially setup and configure containers on a docker bridge network and test the container security using vulnerability scans and reports.
Prior learning requirements
Available for Study Abroad? No
Syllabus
- Cloud and Cloud Container Security Overview. This module discusses how Prisma Cloud provides enhanced network behaviour analysis and data security. Students also discover how Prisma Cloud Compute can be used to protect Cloud based service architectures, including securing container clusters both in the cloud and on premises. [LO1]
- Defender - Monitoring Vulnerabilities. This module presents Cloud Workload Protection, including the installation and upgrading of defenders for containers and container clusters in a deployed workload. Students also explore Cloud-based Contextual Alerting services that scan for unpatched hosts, escalation of privileges, and use of exposed credentials, and scans communication for malicious IP addresses, URLs, and domains. [LO3]
- Assessment - Monitoring Behaviour. This module discusses the ways you can view the vulnerabilities scan results for your images, containers, and registries. It also looks in-depth at adopting Serverless security - shifting the security focus away from infrastructure and towards behaviour, permissions and code inspection. [LO4]
- Maintaining Compliance. This module discusses Cloud management threat detection and response for resource misconfigurations and workload vulnerabilities and provides visibility into user activity within each cloud environment. The lesson also demonstrates best practices for maintaining compliance by enforcing compliance checks for containers. [LO2]
- Cloud Incident Management - Runtime Defence. This module introduces behavioural security which incorporates runtime defence and firewall deployments. Students further examine how Cloud Infrastructure Entitlement Management provides enterprise security controls for identity governance and both Privileged and Identity Access Management. [LO5]
Balance of independent study and scheduled teaching activity
Module is delivered once a week in a four-hour session. The two-hour lecture is followed by two hours of laboratory work. Students are provided with access to the on-line curriculum (Palo Alto Academy and NetLab) and are encouraged to read the material prior to lecture sessions. On the completion of lectures on specific topics students take regular in class tests for which they get an automated and/or in-person feedback. Lectures are heavily supported by hands-on relevant laboratory work. Students are encouraged to keep a logbook and record the summary of their practical work for reflective learning. Students are required to regularly complete advanced labs to assess their understanding.
Learning outcomes
On successful completion of this module, students should be able to:
LO1: Evaluate and apply cloud security technologies to protect data and systems. Assess how cloud-based machine learning enhances anomaly detection, and implement data security policies, classification techniques, and secure storage using platforms like Amazon S3.
LO2: Design and manage secure containerized environments, including security deployment models, vulnerability management, and compliance processes. Develop and monitor container runtime rules and identify vulnerabilities through image scanning and CVE evaluations.
LO3: Implement and maintain secure DevOps practices by deploying container installation and upgrade procedures, managing single and cluster container defenders, and ensuring secure integration within DevOps pipelines.
LO4: Analyse and mitigate security risks in cloud environments. Apply identity and privileged access management, implement best practices for serverless applications, and explore security enhancements such as Identity-Based Micro segmentation and Infrastructure as Code (IaC) solutions.
LO5: Defend cloud network systems against attacks by implementing mitigations for TCP/IP suite vulnerabilities and deploying next-generation firewalls. Evaluate engineering management concepts to minimize risks and address attack vectors based on specific scenarios.
Bibliography
CT7009 Cloud Cybersecurity | London Metropolitan University
https://www.paloaltonetworks.com/apps/pan/public/downloadResource?pagePath=/content/pan/en_US/resources/techbriefs/cybersecurity-survival-guide