Cloud Penetration Testing

Service Context

Cloud Penetration Testing is a crucial step for organisations that are in the process of or have already migrated to the cloud. Cyber Alchemy’s comprehensive cloud penetration tests allow businesses to identify and address vulnerabilities in their cloud environment, reducing the risk of cyber-attacks and ensuring the safety of their sensitive data. Whatever the cloud provider, service or use case, our cloud professionals can proactively identify and assist in addressing potential risks and maintain a secure and compliant cloud environment.

Key Benefits

Proactive Vulnerability Identification: Identify vulnerabilities and misconfigurations in cloud environments that may not be detected by automated scans or general penetration testing approaches before they can be exploited.
Maximise The Value Of Cloud Investments: Many cloud PaaS and SaaS platforms have an abundance of features that organisations underutilise. As part of the engagement, Cyber Alchemy’s consultants work with our clients to understand how all available features can be leveraged to maximise return on investment
Clarified Posture: Clarify your understanding of your cloud infrastructure, ensuring an understanding of what is in your environment, how it is being used and what the current attack surface is.
Full Stop Remediation™ gives the opportunity to directly upskill internal IT teams with bespoke training courses created to address the issues identified during the security assessment.

Why Cyber Alchemy?

Broad Expertise: Our cloud experts share experience securing a broad range of cloud providers, including Amazon Web Services (AWS), Microsoft Azure, Google Cloud Platform (GCP) and Oracle Cloud. Whether you require Infrastructure as a Service (IaaS), Platform as a Service (PaaS), or Software as a Service (SaaS) cloud systems assessing, our cloud specialists will be able to help.

Comprehensive Coverage: Our testing methodology provides comprehensive coverage of your cloud environment, including the underlying infrastructure, platforms, and applications. We evaluate a wide range of potential threats, including data breaches, insider threats, and cyber attacks. By leaving no stone unturned, we identify vulnerabilities and offer effective solutions to protect your cloud environment.

Beyond Compliance: Unlike automated assessments based on best practice benchmarks, our Cloud Penetration Testing service goes beyond mere compliance. We understand that each organisation has unique needs and use cases, which is why we adopt a tailored approach. This allows us to identify specific risks and provide actionable recommendations, prioritising critical issues. By addressing these vulnerabilities, we significantly reduce the risk of security incidents and data breaches, ensuring a safer cloud environment for your business

Continuous Testing: Our Cloud Penetration Testing service can be performed regularly to ensure ongoing security and compliance. By continuously testing your cloud environment, businesses can stay ahead of potential threats and maintain a secure and compliant cloud environment.

Full Stop Remediation™: Every cloud engagement has the opportunity to use our Full Stop Remediation™ service. Bespoke training delivered by our expert trainers covers the issues discovered in your cloud systems and gives your cloud administration team the skills to ensure the same issues don’t creep back into your infrastructure. Full details of our reporting and Full Stop Remediation™ can be found below.

Why do I need a Cloud Penetration Test?

Cloud penetration testing is essential for organisations operating in the cloud, even those that just use common Software as a Service (SaaS) applications like Microsoft 365 (M365). Simple misconfigurations in M365 can allow for significant breaches to occur or make responding to a breach significantly more challenging, for example:

Misconfigured SharePoint and OneDrive Permissions: Misconfigured SharePoint and OneDrive permissions can allow unauthorised access to sensitive files and data.
Email Forwarding Rules: Misconfigured email forwarding rules can lead to sensitive information being inadvertently sent to unintended recipients or malicious actors.
Unrestricted Global Admin Access: Unrestricted global admin access can give attackers complete control over an organisation’s Microsoft 365 environment.
Unmonitored Activity Logs: Lack of monitoring for suspicious activity can allow attackers to remain undetected for long periods, potentially resulting in a data breach.

For organisations that are more cloud-centric or further along in their cloud migration journey, cloud penetration testing brings even more benefits, assessing Infrastructure as a Service (IaaS), Platform as a Service (PaaS), or Software as a Service (SaaS) workloads. Increased usage and dependence on cloud systems can come with increased exposure and risk.

Finally, holistic assessment often also improves an organisation’s understanding of its cloud estate, cataloguing each service and its configuration, providing a benchmark to either improve or maintain, acting as a “known good” state to manage changes against.

Our Approach

The first stage of the engagement will define what needs to be tested, understand what the testing needs to achieve and why the testing is being conducted. Our diligent scoping process balances the breadth and depth of testing, providing robust assurance without unnecessary scope creep. We ensure the correct cloud services and applications will be tested with an appropriate approach based on the context of the systems and organisation.

The outputs of this stage will be:

A meeting to establish the context and functionality of the cloud environment.
A technical document outlining the scope of work to be signed off by both parties.
A proposal outlining the scope of works, delivery timelines, and commercials.

Our CREST and Cyber Scheme certified consultants use their expertise and the latest hacking tools to hunt for vulnerabilities. Industry-leading tools assist our consultants in applying their knowledge to assess your assets holistically. Once discovered, a robust vulnerability validation process ensures that only real threats are reported, saving your valuable resources to remediate what matters. Finally, where required and safe to do so, our consultants will determine an appropriate strategy to exploit the vulnerability, proving that an issue is present. All exploitation steps and any custom code will be provided along with the report, empowering administrators to quickly and effectively remediate the issue.

Detailed and digestible describe the outputs of every Cyber Alchemy engagement. Typically, this will be in a documented report with a follow-up meeting to discuss the assessment and the vulnerabilities found, ensuring every stakeholder understands the risks and the next steps to reduce those risks.

For organisations requiring in-depth and continuing remediation, every engagement has the opportunity to use our Full Stop Remediation™ service. Bespoke training delivered by our expert trainers covers the issues discovered in your cloud environments and gives your system administration team the skills to ensure the same issues don’t creep back into your cloud environment. Full details of our reporting and Full Stop Remediation™ can be found below.

The report contains the scope, technical approach, executive summaries, dynamic risk visualisations, prioritised vulnerabilities based on likelihood vs impact, and bespoke mitigation advice for each finding. Each report has three distinct and dedicated board, management, and technical personnel sections. Report clarity ensures understanding and enables informed decisions. Every Cyber Alchemy report will include the following:

Background: An overview of the assessment’s general purpose, scope, methodology, and timing.
Management Summary: A detailed but digestible summary of the results, such as key critical findings requiring immediate attention, system or recurring issues, and other general findings. This could also include strategic recommendations, offering long-term remediation actions to ensure ongoing risk reduction.
Technical Details: Comprehensive vulnerability results, including a description of the vulnerability observed, the impact, evidence of where the vulnerability was observed, step-by-step demonstrations of exploits performed which give teams the ability to internally verify the issues, and detailed remediation recommendations which give cloud administrators the steps to address every reported issue.
Methodology: A detailed recap of what was tested, the methodologies used, and the related historical information required for audiences such as auditors to understand the specifics of the test approach.
Attack Surface Analysis: Additional content and guidance, such as recommended post-assessment activities that provide added value to the audience of the report.

After every engagement, we offer a focused meeting to discuss the testing and outcomes. This allows system administrators and risk owners to ask specific questions to our expert consultants, ensuring all parties understand the context of the vulnerabilities, root cause and the real-world likelihood and impact of successful exploitation in the context of the organisation. The potential mitigation steps will be discussed, allowing for the implementation of robust measures and the possible effort to be understood.

We don’t believe that report delivery marks the end of the engagement; in fact, it’s just the beginning for us. We’re in every client relationship for the long haul, providing ongoing support to ensure that issues are robustly addressed in line with your organisation’s requirements.

After every engagement, we offer a focused meeting to discuss the testing and outcomes. This allows administrators and risk owners the opportunity to ask specific questions to our expert consultants, ensuring all parties understand the context of the vulnerabilities, alongside the likelihood and impact of successful exploitation.

We recognise that remediation of all issues doesn’t just happen overnight, and our technical team will be happy to answer any questions while remediation is happening over the following months. We find this approach allows for better integration of security into development and helps reduce the number of issues we see when retesting.

For clients who require further support, we offer our Full Stop Remediation™ post assessment training, which incorporates real-world examples from the assessment into the training course. This tailored approach delivers lessons to administrators in a familiar context and environment, allowing the lessons learned to be immediately applied to existing projects and ensures long-term risk reduction. More information about Full Stop Remediation™ can be found below.

Full Stop Remediation™ – Secure Cloud Operations Training (AWS/Azure)

From the results of a penetration test, or series of assessments, our consultants can provide bespoke training to cloud administrators on how to remediate the issues found in the assessment and cloud SecOps best practices. This powerful remediation offering allows total remediation for now and the future, giving development teams the skills to identify vulnerabilities before they make it to production infrastructure. Other benefits of this total remediation solution include:

Cost savings: Addressing vulnerabilities early in the design and deployment phases is more cost-effective than fixing them after the infrastructure is in production
Security by default:Securely architected and operated infrastructure is often more efficient and easier to maintain, resulting in an overall increase in security without additional work.
Better collaboration: When administrators understand how to architect and maintain secure environments, they can work more effectively with security teams and other stakeholders, it’s a win-win for everyone.
Foster a “Security First” culture: With better awareness of security issues and the knowledge to address them, a culture of security can be developed. With a strong security culture comes greater security, shared accountability and efficiency, forming the basis of any successful security program.
Empowered Internal Teams:Our training empowers cloud administrators to handle remediation tasks independently. They gain the knowledge and skills needed to efficiently address vulnerabilities, reducing reliance on external security consultants for routine remediation efforts.

Contact us today for more information on how Full Stop Remediation™ can accelerate your cloud SecOps program and put security at the heart of your cloud administration team.

A technical contact (somebody who knows the ins and outs of what’s being tested) and 30 minutes to an hour. Our technical team will arrange a call, and then we can discuss all of the aspects of the assessment.

Specifically, for your cloud environment, that question will be answered at the end of a scoping call with our technical team. The test duration depends on various factors, such as the number of hosts, regions and users in scope. Generally speaking, depending on the project size and requirements, it can range from a few days to a few weeks

It depends. The cost of an assessment can vary based on factors such as the size and complexity of the organisation’s cloud environment. After the scoping call, our consultants will be able to provide a detailed quote which outlines what we will do and what the outputs of that work will be.

We don’t just wine, dine and dash. We’re in every client relationship for the long term. Like most providers, after the penetration testing is complete, you will receive a detailed report outlining the vulnerabilities identified, their severity levels, and recommendations for remediation. Where we differ is in the post-test support. We recommend to all clients that debrief meetings are scheduled after the assessment is completed, allowing for discussions around real-world risk, prioritisation and the best way to approach specific remediation actions. We recognise that remediation of all issues doesn’t just happen overnight, and our technical team will be happy to answer any questions while remediation is happening over the following months. This approach allows operation teams to address issues while keeping their business moving forward.

o Of course, what good is a security assessment if the issues aren’t addressed?! Our team will be here to support remediation efforts for months after the end of the assessment. Our recommended post-engagement debriefs calls, and detailed reports provide all the information that is often required to remediate all issues, but if it can be of any more use, then we will be on hand to help.

We understand that timescales can sometimes be tight, and things need to get done. In these cases, we will attempt to accommodate all requests from our clients. If we don’t have the capacity, we will know a trusted partner who can. Typically, we ask for a lead time of at least two weeks, however. For people who book far in advance, we can often offer reduced rates as our thank you for being super prepared.

The frequency of cloud penetration testing depends on various factors, including the criticality of the systems involved, compliance with regulatory standards that stipulate the frequency of penetration testing and the organisation’s risk appetite. As a general rule, it is recommended to conduct penetration testing at least once a year or whenever significant changes are made to the systems.

o Our objective is not to cause any disruption to systems during testing, but that doesn’t mean that problems can’t (and don’t) occur. There might be instances where certain vulnerabilities could cause temporary issues or downtime. There are lots of techniques that can be used to minimise the likelihood of issues occurring. For example, testing can be done outside of core business hours. Whatever is required, our team can determine a testing strategy to meet your objectives safely and securely.