AWS Goat - Cloud Penetration Testing
Cloud Security Podcast24 Tammi 2023

AWS Goat - Cloud Penetration Testing

Cloud Security Podcast - This month we are talking about "Breaking the AWS Cloud" and next up on this series, we spoke to Nishant Sharma (Nishant's Linkedin), Director, Lab Platform, INE. If you have tried pentesting in AWS Cloud or want to start today with AWS Goat, then this episode with Nishant, behind AWS Goat will help you understand how you can upskill and maybe even show others how to be better at pentesting AWS Cloud.

Episode ShowNotes, Links and Transcript on Cloud Security Podcast: www.cloudsecuritypodcast.tv

Host Twitter: Ashish Rajan (@hashishrajan)

Guest Twitter: Nishant Sharma (Nishant's Linkedin)

Podcast Twitter - @CloudSecPod @CloudSecureNews

If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:

- Cloud Security News

- Cloud Security Academy

Spotify TimeStamp for Interview Questions

(00:00) Introduction

(03:51) snyk.io/csp

(04:51) What is Cloud Pentesting?

(06:19) Cloud pentesting vs Web App & Network

(08:37) What is AWS Goat?

(13:12) Do you need permission from AWS to do pentesting?

(14:03) Pentesting an application vs pentesting AWS S3

(15:40) What is AWS Goat testing?

(18:14) Cloud penetration testing tools

(19:59) How useful is a metadata of a cloud instance?

(22:24) AWS Pentesting and OWASP Top 10

(25:31) How to build internal training for Cloud Security?

(29:43) Keep building knowledge on AWS Goat

(30:33) Using CloudShell for AWS pentesting

(34:09) ChatGPT for cloud pentesting

(36:28) Vulnerable serverless application

(39:40) Pentesting Amazon ECS

(43:01) How do you protect against ECS misconfigurations?

(47:38) What is the future plan for AWS Goat?

(50:28) Fun Questions

See you at the next episode!

Jaksot(345)

Security Governance and Compliance in Serverless Applications

Security Governance and Compliance in Serverless Applications

In this episode of the Virtual Coffee with Ashish edition, we spoke with Jon Zeolla (@jonzeolla ) is a Cloud Native Contributor, co-founder CTO of Seiso. Episode ShowNotes, Links and Transcript on Clo...

7 Marras 202137min

AWS Earns over 16billion this quarter + SEGA on Microsoft Azure - Cloud Security News

AWS Earns over 16billion this quarter + SEGA on Microsoft Azure - Cloud Security News

Cloud Security News this week 27 October 2021 In case you missed the quarterly earnings updates from last episode, I do encourage you to check it out to see how Google Cloud and Azure faired last Qu...

3 Marras 20213min

How to Build Applications with Zero Trust Principles

How to Build Applications with Zero Trust Principles

In this episode of the Virtual Coffee with Ashish edition, we spoke with Maximilian Burkhardt (@maxb) is a Staff Security Engineer at Figma (@Figma) Episode ShowNotes, Links and Transcript on Cloud Se...

31 Loka 202142min

What is SaaS Security Posture Management (SSPM)?

What is SaaS Security Posture Management (SSPM)?

In this episode of the Virtual Coffee with Ashish edition, we spoke with Chris Hughes (@Linkedin-Profile) is a host of the Resilient Cyber Podcast. Episode ShowNotes, Links and Transcript on Cloud Sec...

28 Loka 202120min

AWS Lands UK Spy Services Contact + Google Cloud + Azure release Q3 results - Cloud Security News

AWS Lands UK Spy Services Contact + Google Cloud + Azure release Q3 results - Cloud Security News

Cloud Security News this week 27 October 2021 UK’s spy agencies have given a contract to AWS to host classified material. Their intention is to boost use of data analytics and artificial intelligenc...

27 Loka 20215min

Threat Detection and Incident Response in Cloud - Nathan Case

Threat Detection and Incident Response in Cloud - Nathan Case

In this episode of the Virtual Coffee with Ashish edition, we spoke with Nathan Case ( Linkedin Profile ) is a Senior Director, Security Operations at Resilience. Episode ShowNotes, Links and Transcri...

24 Loka 202146min

HashiConf Global 2021 - Our Cloud Security Picks - Cloud Security News

HashiConf Global 2021 - Our Cloud Security Picks - Cloud Security News

Cloud Security News this week 22 October 2021 Hope you have been enjoying your Cloud Security News this week and in our special third instalment for this week we bring you our best bits from Hashiconf...

22 Loka 20213min

Talks not to be missed at Kubecon North America 2021 - Cloud Security News

Talks not to be missed at Kubecon North America 2021 - Cloud Security News

Cloud Security News this week 21 October 2021 It's a month full of conferences and as promised we are back with our 2nd episode this week to bring you the cloud security highlights from KubeCon. In th...

21 Loka 20213min