Summary
AWS is one of the most popular cloud platforms around. You will almost certainly be expected to work with AWS applications and services as a cloud pentester.
AWS includes a lot of its own security controls and tools that your organization may or may not be using. It really ought to be using them, as implementing Amazon’s own security controls is a crucial cybersecurity baseline that can prevent a lot of cyberattacks.
Some of the many first-party AWS security applications include Amazon Inspector, AWS Security Hub, and Amazon GuardDuty.
There are also third-party scripts and tools that you can use to conduct vulnerability scans and pentests while abiding by Amazon’s policies. They include Prowler, Pacu, CloudFront, and many others.
It’s important to understand Amazon’s pentesting policies and rules and abide by them. Amazon owns all AWS infrastructure. So, even when you’re working with your organization’s AWS network, you...
