This Cloud Configuration Penetration Test uses a mix of advanced manual testing techniques, configuration benchmarking and automated scans to perform an in-depth health check to identify risks within your business.
This penetration test will help mitigate the threat from both opportunistic and determined attackers. It involves:
Download the full service description
At the end of the test, you will receive a comprehensive report broken down into:
High-level, non-technical summary of your business’ risks.
Detailed description of the methodologies followed and the scope of testing.
Overview, consultant’s commentary and detailed descriptions of each technical vulnerability identified and remediation advice.
Download the full service description
This test follows IT Governance’s proprietary security testing methodology, which is closely aligned with the SANS and Open Source Security Testing Methodology Manual (OSSTMM) methodologies. It will assess the following key areas:
This service is suitable for most organisations that use Cloud services and would like to ascertain any vulnerabilities within the tenancy and improve the hardening of services.
Identify and understand Cloud infrastructure misconfigurations and technology-related vulnerabilities to correct weaknesses.
Demonstrate a strong security posture to clients by providing third-party assurances that your Cloud infrastructure is secure.
Supports compliance with ISO 27001, the GDPR (General Data Protection Regulation), the PCI DSS (Payment Card Industry Data Security Standard), and other laws, regulations and contractual obligations.
Gain an understanding of how an attacker could traverse through your Cloud infrastructure if a public-facing service is compromised.
Our expert consultant will provide you with updates throughout the project from both technical and non-technical perspectives.
Our established penetration testing team has amassed extensive testing experience that ensures clients receive a comprehensive service.