ChaptersCircleEventsBlog
Get early access to CSA’s Trusted AI Safety Certification Program—updates, resources & beta invites!

Download Publication

Cloud Penetration Testing Playbook: Korean Translation
Cloud Penetration Testing Playbook: Korean Translation

Cloud Penetration Testing Playbook: Korean Translation

Release Date: 04/02/2021

Working Group: Top Threats

This localized version of this publication was produced from the original source material through the efforts of chapters and volunteers but the translated content falls outside of the CSA Research Lifecycle. For any questions and feedback, contact research@cloudsecurityalliance.org.

As cloud services continue to enable new technologies and see massive adoption there is a need to extend the scope of penetration testing into public cloud systems and components. The process described here aims to provide the foundation for a public cloud penetration testing methodology and is designed for current and future technologies that are hosted on public cloud environments or services. In particular, this document focuses on penetration testing of applications and services hosted in the cloud. It addresses the methodological and knowledge gaps in security testing of information systems and applications in public cloud environments.

This work focuses on testing systems and services hosted in public cloud environments. This refers to customer-controlled or customer-managed systems and services. For example, a custom virtual machine, managed and controlled by the cloud customer, in an IaaS environment would be in-scope whereas the hypervisor of an IaaS environment that is controlled by the cloud service provider isn’t. As for testing hybrid clouds, this document does not cover the hybrid interface and on-premises environment.

Download this Resource

Prefer to access this resource without an account? Download it now.

Bookmark
Share
View translations
Related resources
State of SaaS Security Report 2025
State of SaaS Security Report 2025
Zero Trust Privacy Assessment and Guidance - Japanese Translation
Zero Trust Privacy Assessment and Guidance - Ja...
CSA Code of Conduct to EU Cloud Code of Conduct Mapping
CSA Code of Conduct to EU Cloud Code of Conduct...
Demystifying Integrations: APIs, Connectors, Collectors, and Agents
Demystifying Integrations: APIs, Connectors, Collectors, and Agents
Published: 05/12/2025
A CISO's Guide to Reporting on Cloud Security (Without Putting Everyone to Sleep)
A CISO's Guide to Reporting on Cloud Security (Without Putting Ever...
Published: 05/09/2025
Unpacking the 2024 Snowflake Data Breach
Unpacking the 2024 Snowflake Data Breach
Published: 05/07/2025
Threat Modeling Google's A2A Protocol with the MAESTRO Framework
Threat Modeling Google's A2A Protocol with the MAESTRO Framework
Published: 04/30/2025
Are you a research volunteer? Request to have your profile displayed on the website here.

Interested in helping develop research with CSA?

Related Certificates & Training