You're reading from Cloud Security Handbook Find out how to effectively secure cloud environments using AWS, Azure, and GCP

Product type Paperback

Published in Apr 2022

Publisher Packt

ISBN-13 9781800569195

Length 456 pages

Edition 1st Edition

Tools

AWS

Concepts

Cloud Computing

Author (1):

Eyal Estrin

View More author details

Table of Contents (19) Chapters

Preface

1. Section 1: Securing Infrastructure Cloud Services

2. Chapter 1: Introduction to Cloud Security FREE CHAPTER

3. Chapter 2: Securing Compute Services

4. Chapter 3: Securing Storage Services

5. Chapter 4: Securing Networking Services

6. Section 2: Deep Dive into IAM, Auditing, and Encryption

7. Chapter 5: Effective Strategies to Implement IAM Solutions

8. Chapter 6: Monitoring and Auditing Your Cloud Environments

9. Chapter 7: Applying Encryption in Cloud Services

10. Section 3: Threats and Compliance Management

11. Chapter 8: Understanding Common Security Threats to Cloud Services

12. Chapter 9: Handling Compliance and Regulation

13. Chapter 10: Engaging with Cloud Providers

14. Section 4: Advanced Use of Cloud Services

15. Chapter 11: Managing Hybrid Clouds

16. Chapter 12: Managing Multi-Cloud Environments

17. Chapter 13:Security in Large-Scale Environments

18. Other Books You May Enjoy

Conducting penetration testing in cloud environments

One of the ways to raise our assurance with a cloud provider is to conduct a penetration test to measure the effectiveness of their security controls.

In the SaaS model, a penetration test allows us to measure how the SaaS provider protects our data. In the IaaS model, a penetration test allows us to measure the effectiveness of the security controls we have implemented. In IaaS environments, we are in charge of the OS layer and the network environment around the virtual machines or containers.

In PaaS environments, specifically in serverless (or Function as a Service (FaaS)), we are not in charge of the lower layer of the OS; however, since we import our code, we are in charge of making sure we follow a secure development life cycle.

In SaaS environments, we are only in charge of inserting data and controlling access to the service.

If we expose a service to the internet or use a SaaS service, we need to evaluate topics...

The rest of the chapter is locked

You're reading from Cloud Security Handbook Find out how to effectively secure cloud environments using AWS, Azure, and GCP

Table of Contents (19) Chapters

Conducting penetration testing in cloud environments

Authors (1)

Personalised recommendations for you

You're reading from Cloud Security Handbook Find out how to effectively secure cloud environments using AWS, Azure, and GCP

Table of Contents (19) Chapters

Conducting penetration testing in cloud environments

Unlock this book and the full library FREE for 7 days

Authors (1)

Personalised recommendations for you