Articles

The AWS Password Policy dictates the security standards and management of AWS IAM User passwords used for access to the AWS Console. We extend the default policy to increase security and minimise additional processes providing the most efficient password management configuration we can design.

An AWS security assessment evaluates the security posture of an AWS account, analysing the cloud resources contained in an account and their configuration. The goal of this assessment is to find any resources or vulnerabilities that can be maliciously utilised to compromise any services hosted in the AWS Account. Minimising these vulnerabilities will result in the hosted services being more resilient to attack and therefore adopting a stronger security posture.

In our previous article, we explored the benefits of adopting a multi-cloud architecture. In this article, we’ll deliver as promised some introductory architectures that can serve as your starting point for adopting a multi-cloud infrastructure.

Leveraging multi-cloud technologies and architectural patterns is becoming an increasingly important part of modern technology architecture. Whilst multi-cloud approaches offer numerous advantages, they also add complexity resulting in an expanded knowledge burden, additional access controls and an absence of replicable patterns.

If you are hosting applications on Amazon Web Services (AWS), it is important to consider the impact to AWS from your penetration testing. A key aspect of this consideration is determining whether what penetration testing can be safely conducted on the AWS platform without advanced permission and which testing should be abstained from without prior agreement.

Cloud providers come with built-in firewalls and firewall rules that control traffic routes and access to cloud resources. Proper configuration management of these firewall rules is absolutely critical, as they determine who or what is able to access your resources at a basic level. In our experience, improperly configured firewall rules are often involved in cloud security compromises.

Firewalls can take many forms such as Web Application Firewalls. For this article we consider AWS Security Groups and Azure Security Groups as “firewall rules” as they represent firewall rule functionality that is often found on network equipment such as pfsense Firewall Rules or Cisco Access Rules.

Cloud penetration testing is a specialised form of penetration testing that focuses on identifying vulnerabilities in the infrastructure, configuration, and accessibility of cloud resources. Regular penetration testing is focused on testing an application directly by identifying vulnerabilities that malicious actors might exploit directly in the application.

However, when applications are hosted in the cloud, the security of the cloud infrastructure itself becomes crucial. Tools and services provided by the cloud environment play a key role in safeguarding applications, potentially nullifying application level vulnerabilities. At the same time, this cloud configuration introduces a level of complexity that is not usually present in traditional hosting environments.

Automated penetration testing differs from regular penetration testing by utilising a set of tools and services that continuously test applications to identify and exploit both new and old vulnerabilities. Most tools available in the cloud and application security space have some level of automation, with some tools operating entirely automatically, requiring a small number of initial commands and configuration. These automated tools handle various components of the testing process, such as discovery, identification, scanning, and simulated attacks.