Cloud Penetration Testing

  • Home
  • Cloud Penetration Testing

Identify Cloud Security Risks

Penetration testing in the cloud is unique to the CSP (cloud service provider), bringing its own set of security considerations. While some vulnerabilities are mitigated through the CSP’s security measures, the complexity of these services leaves many companies exposed. One of cloud’s strongest features is the immense flexibility that it provides to the system administrators in setting up the environment. While the flexibility is great to have, it’s also a significant security concern.

White Knight Labs cloud penetration testing services are aimed specifically at these needs, identifying the configuration and implementation flaws which fly under the radar.

Traditional Infrastructure vs Cloud Pentesting

On-premises infrastructure and cloud environments differ in various ways. From configuration to IAM, the technology stacks could not be more distinct. In the cloud I AM is the security boundary.

The cloud architecture is comprised of a set of powerful APIs. Deeply integrated into each cloud environment’s ecosystem, WKL security engineers test for a range of cloud-specific misconfigurations, including the following:

  • Lack of multi-factor authentication
  • Excessive permissions
  • Manipulating customer data in Azure Cosmos databases
  • EC2 instance and application exploitation
  • Targeting and compromising AWS IAM keys
  • Testing S3 bucket configuration and permission flaws
  • Establishing private cloud access through Lambda backdoor functions
  • Covering tracks by obfuscating CloudTrail logs
Download Sample Pentest Report
Download Service Brief
Contact Us

How can you Benefit?

The benefits of cloud pentesting are increased technical assurance, and better understanding of the attack surface that your systems are exposed to. Cloud systems, whether they are infrastructure as a service (IaaS), platform as a service (PaaS), or software as a service (SaaS), are prone to security misconfigurations, weaknesses, and security threats just as traditional systems are.

By performing cloud security testing you will get:

a) A better understanding of your cloud estate. What services do you have in the cloud? What systems do you expose to the public?


b) A detailed report on any common security misconfigurations along with our recommendations for how to secure your cloud configuration.

The increased assurance will come from the fact that that you will gain visibility of the security weaknesses of your cloud estate. You will be able to verify what services and data are publicly accessible, what cloud security controls are in effect, and how effectively these are mitigating your security risk.

CSP-specific Penetration Testing

In a cloud assessment the client provides a secured account on the cloud management console to the WKL assessment team. By enabling this view into specific implementation details, our cloud experts can provide guidance on security details otherwise inaccessible to attackers.

This approach is designed as a whitebox, audit-style engagement. If you’re looking for an in-depth security assessment of your cloud infrastructure, WKL recommend this approach. The more access that WKL is given, the higher the efficacy of the test.

 

Operational Security Headaches

  • 34% Compliance
  • 33% Lack of Visibility into infrastructure security
  • 31% Lack of qualified staff

Biggest Cloud Security Threats

  • Unauthorized Access
  • Insecure Interfaces/APIs
  • Misconfiguration of the cloud platform
  • Hijacking of accounts services or traffic
  • External sharing of data
  • Malicious insiders
  • Malware/ransomware

FAQ: Cloud Security Testing

Can I get Pentesting on any cloud service?
Yes, as long as you own those cloud resources. There are essentially two categories of cloud offerings:

User-Operated Services  These cloud offerings are primarily created and configured by the users themselves, with little or no interaction with the hosting provider (such as EC2). Generally speaking, these can be thoroughly tested and have few restrictions except for denial of service (DDoS) and related disruptions to business continuity.

Vendor Operated Services ” Cloud offerings which are owned/operated by the by the vendor, and provided as a service.” Examples would be Gmail, Dropbox, Salesforce, and AWS services like Cloudfront. That’s not to say implementations of these don’t have vulnerabilities, but just that the testing focuses on implementation and configuration, rather than the infrastructure testing which is owned by the provider.
As demonstrated with breaches involving S3 buckets, there are many misconfigurations, permissions, and implementation flaws which can make an individual instance vulnerable to compromise, but penetration testing on those platforms doesn’t involve attacking the cloud provider infrastructure itself.

Do I need to alert my CSP if White Knight Labs is performing cloud penetration testing on my resources?
No, the main CSPs no longer requires prior approval of a pentest.

For granular penetration testing policies for each CSP, see below:

Passionate and forward-thinking security experts, our engineers bring decades of technical experience as world-class offensive cyber experts.

Services

Quick Contact

Copyright © White Knight Labs all rights reserved.