Security
Reader small image

You're reading from  Building and Automating Penetration Testing Labs in the Cloud

Product typeBook
Published inOct 2023
PublisherPackt
ISBN-139781837632398
Edition1st Edition
Concepts
Penetration Testing
Right arrow
Author (1)
Joshua Arvin Lat
Joshua Arvin Lat
author image
Joshua Arvin Lat

Joshua Arvin Lat is the Chief Technology Officer (CTO) of NuWorks Interactive Labs, Inc. He previously served as the CTO for three Australian-owned companies and as director of software development and engineering for multiple e-commerce start-ups in the past. Years ago, he and his team won first place in a global cybersecurity competition with their published research paper. He is also an AWS Machine Learning Hero and has shared his knowledge at several international conferences, discussing practical strategies on machine learning, engineering, security, and management.
Read more about Joshua Arvin Lat

Right arrow

Recognizing the impact of cloud computing on the cybersecurity landscape

In the past, companies had to host their applications primarily in their data centers. Due to the operational overhead of managing their own data centers, most businesses have considered migrating their data and their workloads to the cloud. Some organizations have moved all their applications and data to the cloud, while others use a hybrid cloud architecture to host their applications in both on-premises data centers and in the cloud. Cloud computing has allowed companies to do the following:

  • Ensure continuous operations: High availability in the cloud ensures that applications and services remain accessible and operational, even in the event of failures or disruptions. By leveraging redundancy and fault-tolerant architectures offered by cloud providers, downtime is minimized, and uninterrupted access to resources is maintained.
  • Save money: No hardware infrastructure investment is needed to get started as cloud resources can be created and deleted within seconds or minutes. In addition to this, cloud platforms generally have a pay-per-use model for the usage of cloud resources.
  • Easily manage application workloads: Application workloads in the cloud can be managed remotely. In addition to this, resources can be scaled up and down easily, depending on what the business needs.
  • Easily manage data: Managing data becomes more streamlined and convenient in the cloud environment due to the availability of a wide range of services, features, and capabilities. Additionally, the virtually unlimited storage capacity offered by the cloud eliminates concerns related to handling large files. This enhanced data management capability in the cloud contributes to improved efficiency and scalability for companies.
  • Automate relevant processes: Building automated pipelines and workflows in the cloud is easier since most of the cloud services can be managed through application programming interfaces (APIs) and software development kits (SDKs).

With more companies storing their data in the cloud, there has been a significant increase in cloud attacks in the last couple of years. The attack surface has changed due to the rise of cloud computing, and along with it, the types of attacks have changed. Hackers can take advantage of vulnerable and misconfigured cloud resources, which could end up having sensitive data stored in the cloud stolen.

What do we mean by attack surface?

Attack surface refers to the collective set of potential vulnerabilities within a system that can be exploited by attackers. It encompasses various elements, including network interfaces, APIs, user access points, operating systems, and deployed cloud resources. Understanding and managing the attack surface is crucial for assessing and mitigating security risks in the cloud as it allows organizations to identify and address potential weak points that could be targeted by malicious actors.

With this in mind, here is a quick list of relevant cyberattacks on cloud-based data and applications:

  • Attacks on vulnerable application servers and misconfigured cloud storage resources: Attacks on vulnerable and misconfigured cloud resources such as APIs, virtual machines, CI/CD pipelines, and storage resources have resulted in serious data breaches around the world. Identities and information stolen from data breaches are used for identity theft and phishing.
  • Ransomware attacks in the cloud: Sensitive data stored in the cloud is constantly being targeted by hackers. Ransomware victims are generally asked to pay the ransom in Bitcoin or other cryptocurrencies. Bitcoin and other cryptocurrencies let users maintain their anonymity. This, along with other techniques, makes it hard for authorities to track down ransomware hackers.
  • Cloud account hijacking: Once a hacker takes over an organization’s cloud account, the hacker can freely spin up resources, access sensitive files, and use resources inside the account to attack other companies and accounts.
  • Distributed Denial-of-Service (DDoS) and Denial-of-Wallet (DoW) attacks: During a DDoS attack, an attacker seeks to make an online service unavailable by overwhelming and flooding deployed cloud resources with generated traffic. During a DoW attack, similar techniques are used to inflict financial damage (due to a large bill).

Over the years, the quantity and quality of tools focusing on cloud security have increased as cloud security threats have evolved and become more widespread. More security tools and utilities became available as the number of disclosed vulnerabilities increased every year. These tools ranged from simple scripts to sophisticated frameworks and modules that can be configured to suit the needs of an attacker. Security professionals have seen tools and products evolve over time as well. In the past, cloud security products needed to be installed and set up by the internal teams of companies. These past few years, more managed cloud-based tools and services became available, most of which can be used immediately with minimal configuration. Here are some of the more recent security solutions that have become available for cloud security:

  • Various offensive security cloud tools and frameworks
  • Agentless vulnerability assessment tools for virtual machines in the cloud
  • Vulnerability assessment tools for container images
  • Vulnerability assessment tools and services for serverless compute resources
  • Machine learning-powered code security scanner tools and services
  • Cloud network security audit tools
  • Managed cloud firewalls
  • Managed cloud threat detection services
  • Artificial intelligence-powered security tools

At this point, we should have a better understanding of how cloud computing has shaped and influenced the cybersecurity landscape. In the next section, we will dive deeper into how modern applications are designed, developed, and deployed in the cloud.

Previous Page
Chapter 3 of 15, Page 3
Next Page
You have been reading a chapter from
Building and Automating Penetration Testing Labs in the Cloud
Published in: Oct 2023Publisher: PacktISBN-13: 9781837632398
© 2023 Packt Publishing Limited All Rights Reserved
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Sign up now
undefined
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Start free trial
Renews at €14.99/month. Cancel anytime

Author (1)

author image
Joshua Arvin Lat

Joshua Arvin Lat is the Chief Technology Officer (CTO) of NuWorks Interactive Labs, Inc. He previously served as the CTO for three Australian-owned companies and as director of software development and engineering for multiple e-commerce start-ups in the past. Years ago, he and his team won first place in a global cybersecurity competition with their published research paper. He is also an AWS Machine Learning Hero and has shared his knowledge at several international conferences, discussing practical strategies on machine learning, engineering, security, and management.
Read more about Joshua Arvin Lat

Personalised recommendations for you

Based on your interests and search pattern

Attacking and Exploiting Modern Web Applications

Attacking and Exploiting Modern Web Applications

Attacking and Exploiting Modern Web Attacks will help you understand how to identify attack surfaces and detect vulnerabilities. This book takes a hands-on approach to implementation and associated methodologies and equips you with the knowledge and skills needed to effectively combat web attacks.

BookAug 2023338 pages
Automotive Cybersecurity Engineering Handbook

Automotive Cybersecurity Engineering Handbook

This Automotive Cybersecurity Engineering Handbook untangles the complexities of building secure automotive products and helps you to comply with cybersecurity standards. It provides practical tools, tips, and techniques coupled with real-world examples to enable you to create cyber-resilient automotive products with ease.

BookOct 2023392 pages
Official Google Cloud Certified Professional Cloud Security Engineer Exam Guide

Official Google Cloud Certified Professional Cloud Security Engineer Exam Guide

This book will help you to design, develop, and operate security controls on Google Cloud as well as discover best practices for relevant security domains, including identity and access management, network, and data.

BookAug 2023496 pages
Cloud Penetration Testing for Red Teamers

Cloud Penetration Testing for Red Teamers

The advent of cloud networks and the AWS, Azure, and GCP platforms has revolutionized how companies of all sizes in all industries do business online. This book will help you meet the emerging demand for pentesting as it guides you through the tools, techniques, and security measures used by pentesters and red teamers in the 2020s and beyond.

BookNov 2023298 pages
ISACA Certified in Risk and Information Systems Control (CRISC®) Exam Guide

ISACA Certified in Risk and Information Systems Control (CRISC®) Exam Guide

ISACA Certified in Risk and Information Systems Control (CRISC®) Certification Guide is an enterprise IT risk management professional’s dream. With its in-depth approach and various self-assessment exercises, this book arms you with knowledge of every single aspect of the certification, and is a fantastic career companion after you’re certified.

BookSep 2023316 pages5
Burp Suite Cookbook

Burp Suite Cookbook

Burp Suite is an immensely powerful and popular tool for web application security testing. This book provides a collection of recipes that address vulnerabilities in web applications and APIs. It offers guidance on how to configure Burp Suite, make the most of its tools, and explore into its extensions.

BookOct 2023450 pages
Building and Automating Penetration Testing Labs in the Cloud

Building and Automating Penetration Testing Labs in the Cloud

This hands-on guide will help you design and build a variety of penetration testing labs that mimic modern cloud environments running on AWS, Azure, and GCP. In addition to these, you will explore a number of practical strategies on how to manage the complexity, cost, and security risks involved when setting up vulnerable cloud lab environments.

BookOct 2023562 pages
Ethical Hacking Workshop

Ethical Hacking Workshop

As cyber-attacks grow and APT groups advance their skillset, you need to be able to protect your enterprise against cyber-attacks. In order to limit your attack surface, you need to ensure that you leverage the same skills and tools that an adversary may use to hack your environment and discover the security gaps. This book will teach you how to think like a hacker, use state-of-the-art hacking tools, and protect yourself and your organizaiton.

BookOct 2023220 pages
Windows Forensics Analyst Field Guide

Windows Forensics Analyst Field Guide

This book contains step-by-step processes to guide you in any investigation related to Windows OS. You’ll find out how to acquire evidence using multiple tools as well as examine and analyze the collected artifacts, while discovering multiple techniques used in real-world forensic incidents.

BookOct 2023318 pages
Implementing DevSecOps Practices

Implementing DevSecOps Practices

This book is a comprehensive, hands-on guide for individuals new to DevSecOps who want to implement DevSecOps practices successfully and efficiently. With its help, you’ll be able to shift security toward the left, enabling you to merge security into coding in no time.

BookDec 2023258 pages