What are cloud security assessments?
A cloud security assessment is aimed at identifying exploitable weaknesses in cloud environments. Our cloud penetration testing services can assess configuration, permissions models as well as hybrid and multi-cloud environments to determine which avenues of attack are plausible within your estate.
Context offers the following cloud vulnerability assessment services:
- Baseline account configuration review
These configuration reviews can be done in AWS, Azure, and Google Cloud Platform and assess the configuration of a cloud account itself, its access permissions, and any resources deployed within the account. What resources are users able to access? How could resources be misconfigured? And how might a potential attacker leverage these misconfigurations?
- Assumed compromise breakout assessment
These breakout assessments involve starting from an assumed compromise position on a compute instance and assessing what the blast radius is, and what an attacker can achieve from that position. Can other instances be accessed? Or worse, can they achieve privilege escalation within the account and gain full control of the cloud account?
- Egress assessment – breaking out
For private hybrid cloud environments, where a public cloud provider is not being used for any public-facing services but purely as an extension of an on-premise environment, we can offer an extensive egress assessment. This serves to determine if any services have not been locked down sufficiently and therefore allow data to flow out from the VPC to the Internet, or worse, out from an on-premise instance, through the VPC and out to the Internet.
- Bespoke scenario assessment
This can be tailored specifically to your estate, assessing the extent at which specific scenarios can or cannot be achieved by each threat actor in your threat model.
These are in addition to our usual service offerings which can all also be performed inside cloud environments (e.g. web application assessments, build reviews, internal and external infrastructure assessments and others).
Context’s cloud security testing allows you to:
- Verify that your baseline account configurations are set up securely
- Review hybrid and multi-cloud environments for vulnerabilities
- Examine a broad variety of threat scenarios to determine the risk of your cloud environment being abused or compromised
Download our cloud security testing services brochure for more information: