AWS Goat - Cloud Penetration Testing
Cloud Security Podcast24 Tammi 2023

AWS Goat - Cloud Penetration Testing

Cloud Security Podcast - This month we are talking about "Breaking the AWS Cloud" and next up on this series, we spoke to Nishant Sharma (Nishant's Linkedin), Director, Lab Platform, INE. If you have tried pentesting in AWS Cloud or want to start today with AWS Goat, then this episode with Nishant, behind AWS Goat will help you understand how you can upskill and maybe even show others how to be better at pentesting AWS Cloud.

Episode ShowNotes, Links and Transcript on Cloud Security Podcast: www.cloudsecuritypodcast.tv

Host Twitter: Ashish Rajan (@hashishrajan)

Guest Twitter: Nishant Sharma (Nishant's Linkedin)

Podcast Twitter - @CloudSecPod @CloudSecureNews

If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:

- Cloud Security News

- Cloud Security Academy

Spotify TimeStamp for Interview Questions

(00:00) Introduction

(03:51) snyk.io/csp

(04:51) What is Cloud Pentesting?

(06:19) Cloud pentesting vs Web App & Network

(08:37) What is AWS Goat?

(13:12) Do you need permission from AWS to do pentesting?

(14:03) Pentesting an application vs pentesting AWS S3

(15:40) What is AWS Goat testing?

(18:14) Cloud penetration testing tools

(19:59) How useful is a metadata of a cloud instance?

(22:24) AWS Pentesting and OWASP Top 10

(25:31) How to build internal training for Cloud Security?

(29:43) Keep building knowledge on AWS Goat

(30:33) Using CloudShell for AWS pentesting

(34:09) ChatGPT for cloud pentesting

(36:28) Vulnerable serverless application

(39:40) Pentesting Amazon ECS

(43:01) How do you protect against ECS misconfigurations?

(47:38) What is the future plan for AWS Goat?

(50:28) Fun Questions

See you at the next episode!

Jaksot(345)

Security Chaos Engineering Experiments for Beginners

Security Chaos Engineering Experiments for Beginners

In this episode of the Virtual Coffee with Ashish edition, we spoke with David Lavezzo, Director of Security Chaos Engineering at Capital One Host: Ashish Rajan - Twitter @hashishrajan Guest: David...

31 Tammi 202135min

RED TEAM IN CLOUD - Brianna Malcolmson, Atlassian

RED TEAM IN CLOUD - Brianna Malcolmson, Atlassian

In this episode of the Virtual Coffee with Ashish edition, we spoke with Brianna Malcolmson, Security Engineering Manager, Atlassian Host: Ashish Rajan - Twitter @hashishrajan Guest: Brianna Malco...

24 Tammi 202147min

INFRASTRUCTURE AS CODE SECURITY

INFRASTRUCTURE AS CODE SECURITY

In this episode of the Virtual Coffee with Ashish edition, we spoke with Matt Johnson, Developer Advocate Lead, Bridgecrew. Host: Ashish Rajan - Twitter @hashishrajan Guest: Matt Johnson - Twitter ...

17 Tammi 202150min

Cloud Security Testing in AWS

Cloud Security Testing in AWS

In this episode of the Virtual Coffee with Ashish edition, we spoke with Pawel Rzepa, Snr Security Consultant, SecuRing. Host: Ashish Rajan - Twitter @hashishrajan Guest: Pawel Rzepa - Twitter @rze...

10 Tammi 202152min

HOW TO BECOME A CLOUD SECURITY ARCHITECT in 2021 ? - Sriya Potham

HOW TO BECOME A CLOUD SECURITY ARCHITECT in 2021 ? - Sriya Potham

In this episode of the Virtual Coffee with Ashish edition, we spoke with Sriya Potham, Principal Cloud Security Architect Host: Ashish Rajan - Twitter @hashishrajan Guest: Sriya Potham - Linkedin @...

3 Tammi 202144min

STARTING A SUCCESSFUL CYBERSECURITY PODCAST IN 2021

STARTING A SUCCESSFUL CYBERSECURITY PODCAST IN 2021

In this Christmas special episode of the Virtual Coffee with Ashish edition, we had a panel of successful CyberSecurity Podcast Hosts that answered questions about starting and running a successful Cy...

20 Joulu 20201h 3min

RISK MANAGEMENT IN CLOUD SECURITY - MONICA VERMA

RISK MANAGEMENT IN CLOUD SECURITY - MONICA VERMA

In this episode of the Virtual Coffee with Ashish edition, we spoke with Monica Verma, CISO Host: Ashish Rajan - Twitter @hashishrajan Guest: Monica Verma - Linkedin @monicaverma In this episode, ...

29 Marras 202048min

WHAT IS DIGITAL RISK PROTECTION & WHY IS IT IMPORTANT? - Sam Small, Zerofox

WHAT IS DIGITAL RISK PROTECTION & WHY IS IT IMPORTANT? - Sam Small, Zerofox

In this episode of the Virtual Coffee with Ashish edition, we spoke with Sam Small, Chief Security Officer, Zerofox Host: Ashish Rajan - Twitter @hashishrajan Guest: Sam Small - Linkedin @samsmallp...

22 Marras 202054min