Cloud Penetration Testing
How We Pentest your AWS, Azure, or GCP Account
At 2nd Sight Lab we focus on helping you improve security - not just finding some
obscure way to attack your systems. We have a set process for performing penetration
tests on cloud accounts. By using the same approach each time we can dive deeper
faster, and provide more value. We perform a combination of assessment and
penetration activities to determine the overall security of your account
and the applications running in it.
Qualifications and Certifications
Teri Radichel, principal penetration tester, has three of the certifications
recommended by PCI: GCIH, GPEN, GXPN and is a SANS GSE. She also holds a certification
in reverse engineering and teaches cloud penetration testing in the 2nd Sight
Lab Cloud Security Architecture and Engineering class. She also has a master of software engineering,
master of information security engineering, and has over 25 years of programming and
security experience. Teri is also an AWS Hero
and runs the Seattle AWS Architects & Engineers Meetup, which has close to 3,000 members.
She is a member of Infragard and formerly worked for companies like F5, Nordstrom, and
Capital One, either as an employee or as a consultant. She was on the initial team
that helped Capital One move production workloads to the cloud. She is also an IANS Faculty
Member and SANS Institute awarded her the SANS Difference Makers Award for her
innovative work in cloud security. Teri hires only highly qualified contractors
and partner penetration testing companies whom she knows personally to assist with penetration tests as required.
We perform the following activities during a pentest of your AWS, Azure, or GCP account:
- Web application testing to see if vulnerable applications provide access.
- Assess cloud configuration in AWS, Azure, or GCP.
- Tests include some reverse engineering and limited code review
- Cloud architecture reviews are also available upon request, and require system documentation
- Our tests involve fuzzing for maximum coverage
Cloud Penetration Testing Process
- Tests are performed part time at random times over a 3-4 week period.
- Testing period is a defined period with a start and end date
- Testing is performed from an AWS region and network access must be available
- We test in non-production environments and can verify in production
- Rate limiting needs to be turned off in order for fuzzing to work
- Contacts must be available who can help restore access as needed
- We report in as desired by the client
- We require approval of a C-Level executive to perform the test
- Client must provide appropriate credentials and respond in a timely manner
The cloud penetration testing process is different due to the dynamic nature of ephemeral resources and limitations
on certain types of testing. Testers must understand cloud technologies
and cloud provider specific requirements related to scope.
We request cloud credentials with a specific role and domain names, URLs, and
an AWS account number instead of IP addresses. We test from
dynamic IP addresses in an AWS region.
We help customers understand the
process further in the setup phase of the penetration test. We aim for coverage over stealth.
High-level penetration testing steps:
1. Define scope and rules of engagement with customer
2. Set up and Reconnaissance
3. Scan web applications, network, and cloud account
5. Validation of findings by various tools
6. Report Writing and Delivery
Penetration Testing Report
Our reports include high-level and detailed prioritized findings, steps to reproduce,
recommended remediation, and additional resources related to each finding.
Request a Penetration Test
To request a penetration test, connect with Teri on LinkedIn
or call 206.909.8374 and leave a message.