Loading...
Loading...
CCSK, CCSP, AWS Security Specialty, Azure AZ-500/SC-100, and DevSecOps — for Malaysian cloud architects, DevSecOps engineers, and GRC teams operating in AWS, Azure, and Google Cloud environments.
Malaysia's cloud adoption curve steepened sharply in 2024: AWS opened its Malaysia local zone, Microsoft and Google expanded their regional infrastructure, and Bank Negara's revised outsourcing framework normalised cloud usage by financial institutions subject to BNM oversight. The practical result is that a large cohort of Malaysian engineers who built their security competency in an on-premise model are now responsible for cloud workloads that behave very differently — infinitely-mutable, API-driven, shared-responsibility — and the skills transfer is not automatic.
Our cloud security courses are built for that gap: vendor-neutral fundamentals first (CCSK), then provider-specific depth (AWS, Azure, GCP), layered with the Malaysian regulatory overlay — BNM RMiT cloud outsourcing controls, PDPA data residency requirements, and NACSA NCII cloud risk considerations — so the training maps directly to the environment participants operate in, not an idealised global baseline.
The vendor-neutral cloud security foundation from the Cloud Security Alliance. Covers the CSA Security Guidance v4, Cloud Controls Matrix (CCM) v4, shared responsibility model, IAM, encryption, incident response, and the ENISA cloud risk framework. Exam token included. The natural prerequisite for CCSP and any provider-specific security specialisation.
The senior cloud security credential from ISC2. Covers all six CCSP domains at depth: cloud concepts and architecture, cloud data security, cloud platform and infrastructure security, cloud application security, cloud security operations, and legal/risk/compliance. Suitable as the cloud-security equivalent of CISSP. ISC2 exam voucher not included.
Exam preparation for the AWS Certified Security – Specialty (SCS-C02), the most sought-after cloud security certification for AWS practitioners. Covers all five exam domains: threat detection and incident response, security logging and monitoring, infrastructure security, identity and access management, and data protection. Labs run on live AWS accounts.
Combined preparation for Azure Security Engineer Associate (AZ-500) and Cybersecurity Architect Expert (SC-100). Covers Azure AD / Entra ID, Conditional Access, Defender for Cloud, Sentinel, Key Vault, network security, and Zero Trust architecture applied to Malaysian enterprise Azure estates. Particularly relevant for Malaysian banks and GLCs standardising on Microsoft 365 and Azure.
Practical DevSecOps course for engineers integrating security into CI/CD pipelines. Covers threat modelling for containerised applications, SAST/DAST tooling integration, container security (Kubernetes RBAC, Pod Security, OPA), secret scanning, dependency auditing, and security gates in GitHub Actions and GitLab CI. Labs use a deliberately vulnerable cloud-native application.
| Course | Date | Mode | Fee |
|---|---|---|---|
| CCSK | 20–21 Jul 2026 | Virtual (VILT) | RM 3,500 |
| AWS Security Specialty | 18–20 Aug 2026 | Virtual (VILT) | RM 4,800 |
| DevSecOps Practitioner | 25–27 Aug 2026 | Virtual (VILT) | RM 4,500 |
| CCSP | 21–24 Sep 2026 | Kuala Lumpur | RM 8,500 |
| Azure AZ-500 / SC-100 | 12–14 Oct 2026 | Kuala Lumpur | RM 4,800 |
All fees are per participant and HRDC SBL-Khas claimable. ISC2 and AWS/Azure exam vouchers purchased independently. Group rates available for 5+.
CCSK is a two-day, single-exam, vendor-neutral foundation credential issued by the Cloud Security Alliance. It is the right starting point for any security professional working with cloud. CCSP is a four-domain advanced credential from ISC2 that requires five years' IT experience and one year in cloud security. CCSP assumes CCSK-level knowledge and goes significantly deeper into cloud architecture, data security, legal/compliance and cloud security operations. Think of CCSK as the undergraduate foundation and CCSP as the master's-level credential.
CCSP and CCSK are the most frequently requested by Malaysian banks — partly because they are vendor-neutral (which suits multi-cloud or hybrid estates) and partly because they map directly to the cloud outsourcing controls in BNM RMiT and the CSA-CCM framework that BNM references. AWS Security Specialty is in high demand at fintech and digital bank teams who have standardised on AWS since the AWS Malaysia region opened in 2024.
Yes. AWS Security Specialty assumes at least one year of AWS production experience and a passing familiarity with core services (VPC, EC2, S3, IAM, Lambda). The Azure courses assume Azure Administrator (AZ-104) level knowledge or equivalent hands-on experience. Neither course is suitable as a cloud introduction. Attendees without this background should start with CCSK, which is deliberately vendor-neutral and does not require prior cloud platform experience.
Yes. Like all nCrypt training, the DevSecOps Practitioner course is registered with HRD Corp under SBL-Khas. We have structured the course outline to map to the ICT → Cybersecurity → Cloud Security skills area. We provide the full HRDC documentation pack on enrolment.
Yes — and this is the most common way Malaysian enterprises consume our cloud security training. A typical in-house track for a bank or GLC engineering team combines CCSK (Day 1-2), AWS or Azure security deep-dive (Days 3-5), and DevSecOps (Days 6-8). We tailor labs to your live cloud estate. Contact us for a scoping call and indicative pricing.
Whether you are building an internal cloud security team or preparing for a provider-specific certification, we can design a sequenced cloud security curriculum for your organisation. HRDC claim support included.