Cloud 101CircleEventsBlog
Register now for CSA’s free Virtual AI Summit taking place January 17-18th

Download Publication

Cloud Penetration Testing Playbook: Korean Translation
Cloud Penetration Testing Playbook: Korean Translation

Cloud Penetration Testing Playbook: Korean Translation

Release Date: 04/02/2021

Working Group: Top Threats

This localized version of this publication was produced from the original source material through the efforts of chapters and volunteers but the translated content falls outside of the CSA Research Lifecycle. For any questions and feedback, contact [email protected].

As cloud services continue to enable new technologies and see massive adoption there is a need to extend the scope of penetration testing into public cloud systems and components. The process described here aims to provide the foundation for a public cloud penetration testing methodology and is designed for current and future technologies that are hosted on public cloud environments or services. In particular, this document focuses on penetration testing of applications and services hosted in the cloud. It addresses the methodological and knowledge gaps in security testing of information systems and applications in public cloud environments.

This work focuses on testing systems and services hosted in public cloud environments. This refers to customer-controlled or customer-managed systems and services. For example, a custom virtual machine, managed and controlled by the cloud customer, in an IaaS environment would be in-scope whereas the hypervisor of an IaaS environment that is controlled by the cloud service provider isn’t. As for testing hybrid clouds, this document does not cover the hybrid interface and on-premises environment.

Download this Resource

Prefer to access this resource without an account? Download it now.

Bookmark
Share
View translations
Related resources
How to Design a Secure Serverless Architecture
How to Design a Secure Serverless Architecture
Data Loss Prevention in Healthcare
Data Loss Prevention in Healthcare
What is IAM for the Cloud?
What is IAM for the Cloud?
Mastering Data Flow: Enhancing Security and Compliance in the Cloud
Mastering Data Flow: Enhancing Security and Compliance in the Cloud
Published: 12/01/2023
A People-Centric Approach to Patching the Human Firewall
A People-Centric Approach to Patching the Human Firewall
Published: 11/29/2023
Not Just Code Vulnerabilities: The Overlooked Cause of Software Supply Chain Attacks
Not Just Code Vulnerabilities: The Overlooked Cause of Software Sup...
Published: 11/29/2023
5 Tips to Defend Against Access Brokers This Holiday Season
5 Tips to Defend Against Access Brokers This Holiday Season
Published: 11/27/2023
The Need for Intelligence-Driven Incident Response
The Need for Intelligence-Driven Incident Response
December 7 | Online
Are you a research volunteer? Request to have your profile displayed on the website here.

Interested in helping develop research with CSA?

Related Certificates & Training