Explore the challenges and methods of conducting penetration testing in cloud environments in this 30-minute conference talk from USENIX LISA14. Learn about the delicate balance between cloud providers' security concerns and the necessity for customers to verify their data safety. Discover the conditions and limitations of permissions for penetration testing in the cloud, and examine targeted testing approaches that minimize impact on multi-tenant hardware. Gain insights into innovative techniques, such as using Docker instances to simulate hacker activities and leveraging internal network interfaces for attack simulations. Presented by Dan Lambright, a principal software engineer at Red Hat and adjunct professor of Intrusion Detection at the University of Massachusetts Lowell, this talk offers valuable knowledge for IT professionals seeking to enhance cloud infrastructure security.
Overview
Syllabus
LISA14 - Penetration Testing in the Cloud
Taught by
USENIX
Related Courses
-
Learn Ethical Hacking and Penetration Testing | EHPT+
-
Building a Multi-Landlord Public Cloud
-
Automotive Penetration Testing with Scapy
-
Testing Storage Systems - Methodology and Common Pitfalls
-
Penetration Testing Management - Problems in Large Corporations
-
JEA - A PowerShell Toolkit to Secure a Post-Snowden World
