Cloud Security Assessment
This assessment evaluates your organization’s cloud infrastructure. Our certified specialists can assist with an assortment of services to evaluate your organization’s cloud security posture, including cloud architecture reviews, web application assessments, host audits, and infrastructure-based penetration testing.
Console audits for AWS, Azure, and GCP considering the organization’s cloud perimeter and internal network designs. After reviewing the designs, the specialist validates the implementation on the system consoles. This review precipitates architectural and detailed implementation recommendations for improvement.
Our Methodolody
All testing performed are based on the NIST SP 800 - 115 Technical Guide to Information Security Testing and Assessment, OWASP testing Guide and checklist (v4) plus other customized testing frameworks.
PLANNING
Customer goals are gathered and rules of engagement obtained.
DISCOVERY
Perform scanning and enumeration to identify potential vulnerabilities, weak areas and exploit.
ATTACK
Confirm potential vulnerabilities through exploitation and perform additional discovery upon new access.
REPORTING
Document all found vulnerabilities and exploits, failed attempts, company strengths and weaknesses.
Thorough Testing
All activities performed during testing include but not limited to:
AWS, Azure and GCP external and internal network audits
Host audit
Design and configuration reviews (IAM, EC2, S3, VPC, Route53, etc)
Web application assessments.
Infrastructure-based penetration testing
Other testing depends on specific customer content and footprint.