PENTEST: CLOUDPROTECT YOUR CLOUD ENVIRONMENT
WHAT ARE ENTRY POINTS FOR ATTACKERS?
More and more organizations move to storing their data in clouds such as AWS, Azure or the Google Cloud. Companies do not lose their entire responsibility for the protection of this data by moving to the cloud. In fact, providers are responsible for protecting the cloud itself, but you as a user need to ensure the security of your data.
No matter how secure the underlying cloud infrastructure is: If applications are set up incorrectly in the cloud, weak passwords are used, or permissions are not set restrictively enough, attackers can exploit these vulnerabilities to potentially compromise the entire cloud infrastructure.
During our cloud pentest, our security analysts comprehensively analyze your entire cloud environment and identify possible entry points for attackers.
COMMON VULNERABILITIES INCLUDE:
- Improperly configured user and access management (misconfigured IAM policies)
- Unauthorized reading of data (e.g., misconfigured AWS S3 buckets)
- Typical vulnerabilities in traditional IT systems and web applications, depending on the operational concept (e.g., classic rehosting after “lift and shift”)
WHAT IS OUR APPROACH?
Our pentests are conducted according to a standardized approach, which is enhanced by specific aspects for cloud pentests:
Our experts rely on their many years of experience in analyzing on-premise solutions when analyzing systems and applications for vulnerabilities in cloud environments. Our experts additionally examine your environment for vulnerabilities in cloud services using established cloud-specific tools. The results are integrated into our usd HeroLab Toolchain. All information obtained this way is then incorporated into the manual review of your cloud environment.
- Examining AWS S3 buckets for access permission misconfigurations
- Code review of deployed Lambda functions
- Privilege escalation due to misconfigured IAM roles
- Unauthorized access to the EC2 Instances or Azure VMs metadata service
- Misconfigurations of local AD domain integration into Azure AD
When running infrastructures in the cloud, you need to consider further attack vectors. Your data may be compromised if cloud services are not configured securely. We therefore recommend you check the secure configuration of your cloud subscription by conducting an audit. Please contact us for more detailed information.