AWS cloud project to pentest AWS cloud architecture are not spoken about much - this stops today. We have Seth Art who works in the Cloud Penetration testing space with Bishop Fox to talk about open source tools and what Cloud pentesting is all about.
--------------------------------------------------------------------------------
Questions asked to Seth Art:
00:00 Introduction
04:24 A bit about Seth
06:10 Web App Pentesting vs Cloud Pentesting
08:11 Working with scale of multiple AWS accounts
10:20 What can you expect to find with Cloud Pentesting?
12:14 Foundational pieces about approaching pentesting in Cloud
15:19 How to start a Cloud Pentest?
18:25 The importance of IAM
23:43 Common services in AWS to look at
25:58 Mistakes people make for scoping
29:18 The role of shared responsibility in Cloud Pentesting
32:38 Boundaries for AWS pentesting
35:13 Nmapping between 2 EC2 instances
36:37 How do you explain the findings?
40:26 Skillsets required to transition to Cloud Pentesting
45:41 Transitioning from Kubernetes to Cloud Pentesting
48:55 Resources for learning about Cloud Pentesting.
49:47 The Fun Section
--------------------------------------------------------------------------------
📱Cloud Security Podcast Social Media📱
_____________________________________
Twitter: / cloudsecpod
Facebook: / cloudsecuritypodcast
LinkedIn: / cloud-security-podcast
Website: cloudsecuritypodcast.tv/
--------------------------------------------------------------------------------
This episode is brought to you by Snyk - snyk.io/csp
#awssecurity #cloudsecurity #cloudsecurityfundamentals