Understanding AWS Penetration Testing: AWS Security Part I
3 min read
Amazon Web Services is a cloud platform provided by Amazon, providing on-demand cloud computing platforms and APIs on a metered pay-as-you-go model.
AWS provides services like compute and storage, content delivery, security management, network infrastructure, and physical hosting facility for tenant organizations falling into Infrastructure as a service (IaaS), Platform as a service (PaaS), and Software as a service (SaaS).
Pentesting and AWS Pentesting
Pentesting, also known as penetration testing, is the practice of testing a computer system, network, or web application to identify vulnerabilities that an attacker could exploit. In the context of AWS (Amazon Web Services), pentesting refers to the practice of identifying vulnerabilities in the security of AWS resources, such as Amazon EC2 instances, Amazon S3 buckets, and Amazon RDS databases.
There are a few different approaches you can take to perform pentesting in AWS:
Manual pentesting: This involves manually testing the security of AWS resources by manually attempting to exploit vulnerabilities. This can be time-consuming, but it can be effective for identifying subtle or complex vulnerabilities.
Automated pentesting: There are a number of tools available that can automate the process of identifying vulnerabilities in AWS resources. These tools can be faster than manual pentesting, but they may not be as thorough.
Need of Cloud Pentesting
Cloud Pentesting is designed to assess the strengths and weaknesses of a cloud system to improve its overall security posture by:
Identifying risks, and vulnerabilities in configurations and applications
Understanding the impact of exploitable vulnerabilities
Providing best practices with clear and actionable remediation information
Area of focus during AWS Pentesting
The below-listed areas are focused on when performing the pentesting of the AWS Cloud environment:
Internal and External Infrastructure of AWS cloud
Applications hosted on the platform
AWS configuration review
Types of AWS Penetration Testing
Security of Cloud
The security of cloud services of the AWS cloud is the responsibility of AWS as they should be secured against any attacks at the infrastructure/ platform/ service level. This mainly includes the flaws related to AWS services, 0-days, (D)DOS, and any disruption against performance.
Security in Cloud
The applications and services deployed in the AWS cloud infrastructure should be secured against any attacks by following best security practices and regular penetration testing such that the security of the applications deployed in the AWS cloud.
AWS Services Pentesting without pre-approval
Amazon EC2 instances
Amazon API Gateways
AWS LightSail resources
Amazon Elastic Beanstalk environments
Prohibited actions during Penetration Testing
DNS zone walking via Amazon Route 53 Hosted Zones
Denial of Service (DoS), Distributed Denial of Service (DDoS), Simulated DoS, Simulated DDoS (Refer to DDoS Simulation Testing policy for more)
Request flooding (login request flooding, API request flooding)
Part II: Understanding AWS Penetration Testing: AWS Security Part-II