SEC588: Cloud Penetration Testing

How do clouds work? How do the offensive teams operate in these environments? What are the limits of testing? How do we scan for vulnerabilities externally and internally in a safe manner? The first section of the course is designed to help the student begin their Cloud Assessment journey.

While Section One covered the mechanisms for starting and evaluating an environment, Section Two deals with a core component of the cloud. Identity Systems are core to most cloud environments, so we dedicate a whole section to evaluating them. This includes a comprehensive evaluation of Microsoft Entra ID and its key strengths.

In Section 3, students will attack the cloud infrastructure assets. Students will learn how to leverage these assets to navigate cloud environments further, elevate privileges, and persist. Cloud Infrastructures can be highly complex, and in that complexity, the students will learn how to navigate and assess the risk each attack path poses.

Section 4 will walk the students through workloads in the cloud. Applications in the cloud are one of the most common workloads in the cloud, beyond internal data center migration. One of the key features of many of these applications is their cloud-integrated nature. Learning how to assess these systems will be crucial during assessment work.

Section 5 provides the student with an overview of infrastructure core components that are cloud-agnostic. Containers comprise a significant portion of cloud workloads. This section provides students with a methodology for assessing container and container workloads. The section concludes with an assessment of work on Kubernetes.

In a final capstone event, we demonstrate cloud penetration testing's unique demands and the specialized expertise required to go beyond traditional security assessments. Students collaboratively bring their new knowledge to bear on a simulated end-to-end test, reinforcing theory and practice and producing an effective, readable report.