Network Pentest 2.0 : The Cloud Pentest Revolution
Cloud Security Podcast22 Elo 2023

Network Pentest 2.0 : The Cloud Pentest Revolution

Cloud Security Pentest is not just a Cloud configuration review ! Blackhat 2023 & Defcon 31 conversations included Cloud Security Podcast asking traditional and experienced pentesters about their opinion on cloud security pentesting and the divide was between it being a config review or a product pentest. For this episode we have Seth Art from Bishop Fox to clarify the myth.


Episode YouTube: ⁠ ⁠Video Link⁠⁠⁠⁠


Host Twitter: Ashish Rajan (⁠⁠⁠⁠⁠⁠⁠⁠@hashishrajan⁠⁠⁠⁠⁠⁠⁠⁠)

Guest Socials: Seth Art's Linkedin ⁠⁠⁠⁠⁠⁠(⁠⁠Seth Art Linkedin)

Podcast Twitter - ⁠⁠⁠⁠⁠⁠⁠⁠@CloudSecPod⁠⁠⁠⁠⁠⁠⁠⁠ ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠

If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:

- ⁠⁠⁠⁠⁠⁠⁠⁠Cloud Security Newsletter ⁠⁠⁠⁠

- ⁠⁠⁠⁠⁠⁠⁠⁠Cloud Security BootCamp⁠⁠⁠⁠⁠⁠⁠⁠


Spotify TimeStamp for Interview Question


(00:00) Introduction

(05:17) A bit about Seth Art

(06:44) Network vs Infrastructure Security Pentest

(08:00) Internal vs External Network Security Pentest

(10:26) Assumed vs Objective Based Pentest

(12:51) Is network pentest dead?

(14:04) How to approach network and cloud pentests?

(20:12) Cloud pentest is more than config review

(24:04) Examples of cloud pentest findings

(30:07) Scaling pentests in cloud

(32:25) Traditional skillsets to cloud pentest

(36:58) A bit about cloudfoxable

(39:31) Cloud pentest and Zero Trust

(40:54) Staying ahead of CSP releases

(44:31) Third party shared responsibility

(47:35) 1 fun question

(48:36) Boundary for cloud pentest

(52:21) Last 2 fun questions


These are some of the resources that Seth shared during the episode along with the tools he has created

See you at the next episode!

Jaksot(344)

GETTING STARTED WITH HACKING AWS CLOUD

GETTING STARTED WITH HACKING AWS CLOUD

Cloud Security Podcast - If Hacking the Cloud is on your mind for 2023 then in this "Breaking the AWS Cloud" month we are kicking things with Nick Frichette (Nick's Linkedin), a Senior Security Resear...

8 Tammi 202345min

AWS Reinvent 2022 - RECAP for Cloud Security Professionals!

AWS Reinvent 2022 - RECAP for Cloud Security Professionals!

In this episode of the Virtual Coffee with Ashish edition, we spoke with Shilpi Bhattacharjee (Cloud Security Podcast, Producer). We spoke about Announcements from AWS Reinvent for - new security prod...

14 Joulu 202243min

AWS EKS EXPLAINED!

AWS EKS EXPLAINED!

In this episode of the Virtual Coffee with Ashish edition, we spoke with Justin Garrison (Personal Website) from AWS to talk about what scenarios make sense to choose AWS EKS vs AWS ECS vs AWS Fargate...

10 Joulu 202257min

Story of a Cloud Architect & Blurry Lines of Control with AWS

Story of a Cloud Architect & Blurry Lines of Control with AWS

In this episode of the Virtual Coffee with Ashish edition, we spoke with Ashish Desai (Ashish Desai's Linkedin) about how much of the on-premise can work in Cloud, what the online world is saying vers...

25 Marras 202253min

BECOME A CLOUD SECURITY ARCHITECT IN 2023

BECOME A CLOUD SECURITY ARCHITECT IN 2023

In this episode of the Virtual Coffee with Ashish edition, we spoke with Kat Traxler (Kat's Linkedin) about the skillset, certification and knowledge base required to become a cloud security architect...

13 Marras 202253min

AWS Threat Detection for NOT SO COMMON AWS Services Explained

AWS Threat Detection for NOT SO COMMON AWS Services Explained

In this episode of the Virtual Coffee with Ashish edition, we spoke with Rodrigo Montoro (Rodrigo's linkedin) about threat modelling and incident response involving the uncommon AWS services which sti...

10 Marras 202247min

Ransomware attacks in AWS

Ransomware attacks in AWS

In this episode of the Virtual Coffee with Ashish edition, we spoke with Nandesh Guru (Nandesh's Linkedin) about ransomware and supply chain attack mechanisms in AWS and how the world of CSPM have evo...

6 Marras 202237min

How to become a Cloud Native Security Architect?

How to become a Cloud Native Security Architect?

In this episode of the Virtual Coffee with Ashish edition, we spoke with Christophe Parisel (Christophe's Linkedin) about what how to transition from being a technical architect on premise to a cloud ...

30 Loka 202250min