Cloud Security Training and Consulting
Cloud Penetration Testing

How We Pentest your AWS, Azure, or GCP Account

At 2nd Sight Lab we focus on helping you improve security, not just on finding some obscure way to attack your systems. We follow a set process for performing penetration tests on cloud accounts. By using the same approach each time we can dive deeper faster and provide more value. We perform a combination of assessment and penetration activities to determine the overall security of your account and of the applications running in it.

Qualifications and Certifications

Teri Radichel, principal penetration tester, has three of the certifications recommended by PCI: GCIH, GPEN, and GXPN, and is a SANS GSE. She also holds a certification in reverse engineering and teaches cloud penetration testing in the 2nd Sight Lab Cloud Security Architecture and Engineering class. She holds a master's degree in software engineering and a master's degree in information security engineering, and has over 25 years of programming and security experience. Teri is also an AWS Hero and runs the Seattle AWS Architects & Engineers Meetup, which has close to 3,000 members. She is a member of InfraGard and formerly worked for companies like F5, Nordstrom, and Capital One, either as an employee or as a consultant. She was on the initial team that helped Capital One move production workloads to the cloud. She is also an IANS Faculty Member, and the SANS Institute awarded her the SANS Difference Makers Award for her innovative work in cloud security. Teri hires only highly qualified contractors and partner penetration testing companies whom she knows personally to assist with penetration tests as required.


We perform the following activities during a pentest of your AWS, Azure, or GCP account:
  • Web application testing to see whether vulnerable applications provide access to the account.
  • Assessment of the cloud configuration in AWS, Azure, or GCP.
  • Some reverse engineering and limited code review.
  • Cloud architecture reviews, available upon request; these require system documentation.
  • Fuzzing for maximum coverage.


  • Tests are performed part time, at random times, over a 3-4 week period.
  • The testing period is a defined window with a start date and an end date.
  • Testing is performed from an AWS region, so network access from that region must be available.
  • We test in non-production environments and can verify findings in production.
  • Rate limiting needs to be turned off for the fuzzing to work.
  • Contacts must be available who can help restore access as needed.
  • We report in as desired by the client.
  • We require the approval of a C-level executive to perform the test.
  • The client must provide the appropriate credentials and respond in a timely manner.

Cloud Penetration Testing Process

The cloud penetration testing process is different because of the dynamic nature of ephemeral resources and the limitations cloud providers place on certain types of testing. Testers must understand cloud technologies and the provider-specific requirements related to scope. We request cloud credentials with a specific role, along with domain names, URLs, and an AWS account number, instead of IP addresses. We test from dynamic IP addresses in an AWS region. We help customers understand the process further in the setup phase of the penetration test. We aim for coverage over stealth.

High-level penetration testing steps:

1. Define scope and rules of engagement with the customer
2. Setup and reconnaissance
3. Scan web applications, network, and cloud account
4. Exploitation
5. Validation of findings with various tools
6. Report writing and delivery

Penetration Testing Report

Our reports include high-level and detailed prioritized findings, steps to reproduce, recommended remediation, and additional resources related to each finding.

Request a Penetration Test

To request a penetration test, connect with Teri on LinkedIn or Twitter or call 206.909.8374 and leave a message.

© 2018 2nd Sight Lab, LLC | Seattle, Washington