SEC588: Cloud Penetration Testing. What is it? What\\'s different, and why?

  • Webcast Aired Tuesday, 12 Nov 2019 3:30PM EST (12 Nov 2019 20:30 UTC)
  • Speaker: Moses Frost

Everyone has been speaking about Cloud and Public Cloud Technologies for many years now. Many organizations have been steadily moving their workloads into either public utility clouds, platforms, or at times internal private clouds. One commonly asked question; is the cloud substantially different than other technologies or is it just a big computer in the sky? Yes! To both! There is an adage that goes something like \Unix! It's all the same but different". The cloud is pretty much the same in many aspects. In this webcast, we are going to show you how in Cloud EVERYTHING is both the SAME and DIFFERENT. We will be talking about why penetration testing in the cloud features some of our well known and well-loved principals like privilege escalation, but also how it's vastly different in both technologies and features.

More importantly, where Cloud Penetration Testing fits into the SANS Penetration Testing curriculum and how it's a class that is unique to the industry. Join me, Moses Frost, the course author, as we go after clouds.