Sign In Start Free Trial
Account

Add to playlist

Create a Playlist

Modal Close icon
You need to login to use this feature.
  • Book Overview & Buying Cloud Penetration Testing
  • Table Of Contents Toc
Cloud Penetration Testing

Cloud Penetration Testing

By : Kim Crawley
4.1 (12)
close
close
Cloud Penetration Testing

Cloud Penetration Testing

4.1 (12)
By: Kim Crawley

Overview of this book

With AWS, Azure, and GCP gaining prominence, understanding their unique features, ecosystems, and penetration testing protocols has become an indispensable skill, which is precisely what this pentesting guide for cloud platforms will help you achieve. As you navigate through the chapters, you’ll explore the intricacies of cloud security testing and gain valuable insights into how pentesters evaluate cloud environments effectively. In addition to its coverage of these cloud platforms, the book also guides you through modern methodologies for testing containerization technologies such as Docker and Kubernetes, which are fast becoming staples in the cloud ecosystem. Additionally, it places extended focus on penetration testing AWS, Azure, and GCP through serverless applications and specialized tools. These sections will equip you with the tactics and tools necessary to exploit vulnerabilities specific to serverless architecture, thus providing a more rounded skill set. By the end of this cloud security book, you’ll not only have a comprehensive understanding of the standard approaches to cloud penetration testing but will also be proficient in identifying and mitigating vulnerabilities that are unique to cloud environments.
Table of Contents (20 chapters)
close
close
Lock Free Chapter
1
Part 1: Today’s Cloud Networks and Their Security Implications
5
Part 2: Pentesting AWS
9
Part 3: Pentesting Microsoft Azure
13
Part 4: Pentesting GCP

Summary

In this chapter, we learned which services manage containerization in GCP. We deployed our own Docker and Kubernetes clusters. Then, we conducted a security assessment with Trivy.

The default way to deploy a Docker containerization system in GCP uses Cloud Build to simplify the Docker build steps and Cloud Run to help run containerized apps, all while your Docker host runs in GCE.

The simplest way to deploy Kubernetes in GCP is to use GKE.

Trivy is a third-party pentesting application that has lots of great features for vulnerability scanning both Docker and Kubernetes deployments.

In the next and final chapter, I’ll quiz you on what we’ve learned in the previous 12 chapters. Plus, I’ll give you tips for writing and signing pentesting contracts, more tips for writing pentest reports, and introduce you to cloud and pentesting-related certifications that may make you more employable as a cloud pentester.

CONTINUE READING
83
Tech Concepts
36
Programming languages
73
Tech Tools
Icon Unlimited access to the largest independent learning library in tech of over 8,000 expert-authored tech books and videos.
Icon Innovative learning tools, including AI book assistants, code context explainers, and text-to-speech.
Icon 50+ new titles added per month and exclusive early access to books as they are being written.
Cloud Penetration Testing
notes
bookmark Notes and Bookmarks search Search in title playlist Add to playlist font-size Font size

Change the font size

margin-width Margin width

Change margin width

day-mode Day/Sepia/Night Modes

Change background colour

Close icon Search
Country selected

Close icon Your notes and bookmarks

Confirmation

Modal Close icon
claim successful

Buy this book with your credits?

Modal Close icon
Are you sure you want to buy this book with one of your credits?
Close
YES, BUY

Submit Your Feedback

Modal Close icon
Modal Close icon
Modal Close icon