Cloud Security Training and Consulting
Cloud Penetration Testing

How We Pentest your AWS, Azure, or GCP Account

At 2nd Sight Lab we focus on helping you improve security, not just on finding some obscure way to attack your systems. We follow a set process for performing penetration tests on cloud accounts. By using the same approach each time we can dive deeper faster and provide more value. We perform a combination of assessment and penetration activities to determine the overall security of your account and the applications running in it.

Cloud Security Assessments

We perform an assessment of your account with every pentest as part of our standard process. If you wish to have only an assessment, with no exploitation, we can do that as well. We can also perform a security architecture review for an additional fee; this requires the customer to provide appropriate documentation and account credentials.

Qualifications and Certifications

Teri Radichel, principal penetration tester, holds three of the certifications recommended by PCI (GCIH, GPEN, and GXPN) and is a SANS GSE. She also holds a certification in reverse engineering and teaches cloud penetration testing in the 2nd Sight Lab Cloud Security Architecture and Engineering class. She has a Master of Software Engineering and a Master of Information Security Engineering, and has over 25 years of programming and security experience. Teri is an AWS Hero and runs the Seattle AWS Architects & Engineers Meetup, which has close to 3,000 members. She is a member of InfraGard and formerly worked for companies such as F5, Nordstrom, and Capital One, either as an employee or as a consultant. She was on the initial team that helped Capital One move production workloads to the cloud. She is also an IANS Faculty member, and the SANS Institute awarded her the SANS Difference Makers Award for her innovative work in cloud security. Teri hires only highly qualified contractors and partner penetration testing companies whom she knows personally to assist with penetration tests as required.

Scope

We perform the following activities during a pentest of your AWS, Azure, or GCP account:
  • Web application testing to see whether vulnerable applications provide access to the account or its data.
  • Assessment of the cloud configuration in AWS, Azure, or GCP.
  • Tests include some reverse engineering and limited code review.
  • Cloud architecture reviews are also available upon request and require system documentation.
  • Our tests involve fuzzing for maximum coverage.

Engagement

  • Tests are performed part time, at random times, over a 3-4 week period.
  • The testing period is a defined window with a start and end date.
  • Testing is performed from an AWS region, so network access from that region must be available.
  • We test in non-production environments for best results.
  • We can verify vulnerabilities in production.
  • Rate limiting needs to be turned off in the test environment in order for fuzzing to work.
  • Contacts must be available who can help restore access as needed.
  • We report in as often as the client desires.
  • We require approval from a C-level executive to perform the test.
  • The client must provide appropriate credentials and respond in a timely manner.

Cloud Penetration Testing Process

We generally follow the SANS penetration testing process; however, testing in the cloud is different due to the dynamic nature of ephemeral resources and limitations on certain types of testing. Testers must understand cloud technologies and cloud-provider-specific requirements related to scope. Instead of IP addresses, we request cloud credentials with a specific role, along with domain names, URLs, and an AWS account number. We test from dynamic IP addresses in an AWS region to simulate real-world attacks. We help customers understand the process further in the setup phase of the penetration test. We aren't that sneaky: our goal is to find as many gaps as possible so you can maximize the return on your penetration testing investment.
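As an illustration of the "specific role" mentioned above, here is an example AWS IAM trust policy that a client could attach to a dedicated pentest role in the in-scope account. This is an added example, not 2nd Sight Lab's required configuration: the account ID 111111111111 stands in for the tester's AWS account, the external ID is a placeholder agreed for the engagement, and the permissions policy attached to the role is whatever the rules of engagement specify.

```json
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "PlaceholderTesterAccountMayAssumeThisRole",
      "Effect": "Allow",
      "Principal": {
        "AWS": "arn:aws:iam::111111111111:root"
      },
      "Action": "sts:AssumeRole",
      "Condition": {
        "StringEquals": {
          "sts:ExternalId": "placeholder-engagement-external-id"
        }
      }
    }
  ]
}
```

The tester assumes the role with sts:AssumeRole and must supply the matching external ID, so access is tied to one tester account and one engagement rather than to shared long-lived keys. Because the testing period has a defined end date, the client can simply delete the role when the window closes.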

High-level penetration testing steps:

1. Define scope and rules of engagement with the customer
2. Setup and reconnaissance
3. Scan web applications, network, and cloud account
4. Exploitation
5. Validation of findings by various tools
6. Report writing and delivery


Penetration Testing Report

Our reports include high-level and detailed prioritized findings, steps to reproduce, recommended remediation, and additional resources related to each finding.

Request a Penetration Test

To request a penetration test, connect with Teri on LinkedIn or Twitter or call 206.909.8374 and leave a message.

© 2018 2nd Sight Lab, LLC | Seattle, Washington