Basic Knowledge of Cloud Application Security Risks and Mitigations:1

Why does the requirement(s) need to be added?:

I'm a program owner and need people trained on something

KSAT Description(s):

After training, the student should have an understanding of what risks are inherent in developing, deploying, and maintaining cloud applications. Specifically they should be familiar with guides like the OWASP Top 10 List as well as ways to mitigate the issues that guides like that espouse.

Examples "Describe how insufficient logging and monitoring could be an issue if an adversary attacked your Gitlab server."

Related KSATs

Does this KSAT relate to any others? Not Currently

Parent KSATs: Please list KSATs that this KSAT helps to achive below. N/A

Child KSAT: Please list KSAT's that help implement this KSAT below. N/A

Training Reference (optional)

Do you have a reference(s) which explains how to accomplish this correctly? e.g. 90COS Org Chart (Reference for who the flight commanders are)

Workrole alignment

Which work roles does this requirement apply to?: Systems Engineer (to replace Sysadmin)

Related Requirements/Documentation

Is this requirement driven by an external document such as an AFI, Law, etc If so, please list it/them. e.g. 17-202v2 says all SEE's must be trained on objectivity. N/A