AWS Goat - Cloud Penetration Testing
Cloud Security Podcast24 Tammi 2023

AWS Goat - Cloud Penetration Testing

Cloud Security Podcast - This month we are talking about "Breaking the AWS Cloud" and next up on this series, we spoke to Nishant Sharma (Nishant's Linkedin), Director, Lab Platform, INE. If you have tried pentesting in AWS Cloud or want to start today with AWS Goat, then this episode with Nishant, behind AWS Goat will help you understand how you can upskill and maybe even show others how to be better at pentesting AWS Cloud.

Episode ShowNotes, Links and Transcript on Cloud Security Podcast: www.cloudsecuritypodcast.tv

Host Twitter: Ashish Rajan (@hashishrajan)

Guest Twitter: Nishant Sharma (Nishant's Linkedin)

Podcast Twitter - @CloudSecPod @CloudSecureNews

If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:

- Cloud Security News

- Cloud Security Academy

Spotify TimeStamp for Interview Questions

(00:00) Introduction

(03:51) snyk.io/csp

(04:51) What is Cloud Pentesting?

(06:19) Cloud pentesting vs Web App & Network

(08:37) What is AWS Goat?

(13:12) Do you need permission from AWS to do pentesting?

(14:03) Pentesting an application vs pentesting AWS S3

(15:40) What is AWS Goat testing?

(18:14) Cloud penetration testing tools

(19:59) How useful is a metadata of a cloud instance?

(22:24) AWS Pentesting and OWASP Top 10

(25:31) How to build internal training for Cloud Security?

(29:43) Keep building knowledge on AWS Goat

(30:33) Using CloudShell for AWS pentesting

(34:09) ChatGPT for cloud pentesting

(36:28) Vulnerable serverless application

(39:40) Pentesting Amazon ECS

(43:01) How do you protect against ECS misconfigurations?

(47:38) What is the future plan for AWS Goat?

(50:28) Fun Questions

See you at the next episode!

Jaksot(345)

CSO Hall of Fame - 21 yrs in Cybersecurity: Challenges THEN & NOW

CSO Hall of Fame - 21 yrs in Cybersecurity: Challenges THEN & NOW

In this Mid Week special episode of the CISO Perspective edition, we spoke with Andy Ellis (@csoandy) is the Operating Partner at YL Ventures (@YLVentures) and the ex-CISO of Akamai (@Akamai). Episode...

10 Kesä 202142min

Finding and Fixing SECURITY BUGS IN GOOGLE CLOUD - Dylan Ayrey

Finding and Fixing SECURITY BUGS IN GOOGLE CLOUD - Dylan Ayrey

In this episode of the Virtual Coffee with Ashish edition, we spoke with Dylan Ayrey (@insecurenature) is a Professional Hacker and Co-Founder of Truffle Security (@TruffleSecurity-Linkedin) Episode S...

6 Kesä 20211h 1min

Attacking and Defending Managed Kubernetes Clusters - Brad Geesaman

Attacking and Defending Managed Kubernetes Clusters - Brad Geesaman

In this episode of the Virtual Coffee with Ashish edition, we spoke with Brad Geesaman (@bradgeesaman) is a Senior Cloud Native and Kubernetes Security Professional and the Co- Founder of Darkbit (@Da...

30 Touko 202159min

Kubernetes Runtime Threat Detection and Response - Falco, Sysdig

Kubernetes Runtime Threat Detection and Response - Falco, Sysdig

In this episode of the Virtual Coffee with Ashish edition, we spoke with Dan “POP“ Papandrea (@danpopnyc) is the CNCF Ambassador, Director of Open Source Community and Ecosystem (@sysdig) and Podcast ...

23 Touko 202152min

Study Hall - Attacking K8S Cluster Defaults!

Study Hall - Attacking K8S Cluster Defaults!

In this Study Hall - Ashish goes through Kubernetes Components to start understanding the Kubernetes Architecture READ the Multi-part Medium Article here - Ultimate Guide to Kubernetes Security For...

20 Touko 202125min

Start here for Kubernetes Security - Magno Logan

Start here for Kubernetes Security - Magno Logan

In this episode of the Virtual Coffee with Ashish edition, we spoke with Magno Logan (@MagnoLogan) is the Security Researcher, Trend Micro(@TrendMicro) Episode ShowNotes, Links and Transcript on Cloud...

16 Touko 202158min

Study Hall - Kubernetes Concepts and Architecture Explained!

Study Hall - Kubernetes Concepts and Architecture Explained!

In this Study Hall - Ashish goes through Kubernetes Components to start understanding the Kubernetes Architecture READ the Multi-part Medium Article here - Ultimate Guide to Kubernetes Security For ...

12 Touko 202119min

Risk Analysis of Kubernetes Security - Mark Manning, Snowflake

Risk Analysis of Kubernetes Security - Mark Manning, Snowflake

In this episode of the Virtual Coffee with Ashish edition, we spoke with Mark Manning (@antitree) is the Principal Security Architect at Snowflake(@SnowflakeDB). Before this he used to run Kubernetes ...

9 Touko 202149min