CSR
CLOUD SECURITY REVIEW
Redbot Security’s Cloud Security Review (CSR) focuses on private and public architecture, policies, and permissions in production and development cloud environments for Amazon Web Services (AWS) Google Cloud Platform (GCP) and Microsoft Azure (Azure)
Use the Quick Contact form below for a Cloud Security Review -or- tell us more details about your upcoming project.
The very first activity in a cloud security review is the mapping of the cloud-based attack surface from internal and external perspectives. After mapping the attack surface, the testing perspective for the points below is that a malicious threat actor now has some level of access to the cloud environment. The intent of this testing perspective is to provide the client with security enhancements that can be implemented to prevent high-level impact if a breach occurs.
Redbot Security will review and recommend best-practice security (see Details Below)
A CSR is not a penetration test; however, a question that comes up often is “can I penetration test AWS or other cloud?”
You can carry out penetration tests against or from resources on your AWS account by following the policies and guidelines at Penetration Testing. You don’t need approval from AWS to run penetration tests against or from resources on your AWS account.
If you plan to run a security test other than a penetration test, see the guidelines at Other simulated events.
Note: You aren’t permitted to conduct any security assessments of AWS infrastructure that isn’t on your AWS account. You also aren’t permitted to conduct security assessments of AWS services themselves.
Redbot Social