Network Pentest 2.0 : The Cloud Pentest Revolution
Cloud Security Podcast22 Elo 2023

Network Pentest 2.0 : The Cloud Pentest Revolution

Cloud Security Pentest is not just a Cloud configuration review ! Blackhat 2023 & Defcon 31 conversations included Cloud Security Podcast asking traditional and experienced pentesters about their opinion on cloud security pentesting and the divide was between it being a config review or a product pentest. For this episode we have Seth Art from Bishop Fox to clarify the myth.


Episode YouTube: ⁠ ⁠Video Link⁠⁠⁠⁠


Host Twitter: Ashish Rajan (⁠⁠⁠⁠⁠⁠⁠⁠@hashishrajan⁠⁠⁠⁠⁠⁠⁠⁠)

Guest Socials: Seth Art's Linkedin ⁠⁠⁠⁠⁠⁠(⁠⁠Seth Art Linkedin)

Podcast Twitter - ⁠⁠⁠⁠⁠⁠⁠⁠@CloudSecPod⁠⁠⁠⁠⁠⁠⁠⁠ ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠

If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:

- ⁠⁠⁠⁠⁠⁠⁠⁠Cloud Security Newsletter ⁠⁠⁠⁠

- ⁠⁠⁠⁠⁠⁠⁠⁠Cloud Security BootCamp⁠⁠⁠⁠⁠⁠⁠⁠


Spotify TimeStamp for Interview Question


(00:00) Introduction

(05:17) A bit about Seth Art

(06:44) Network vs Infrastructure Security Pentest

(08:00) Internal vs External Network Security Pentest

(10:26) Assumed vs Objective Based Pentest

(12:51) Is network pentest dead?

(14:04) How to approach network and cloud pentests?

(20:12) Cloud pentest is more than config review

(24:04) Examples of cloud pentest findings

(30:07) Scaling pentests in cloud

(32:25) Traditional skillsets to cloud pentest

(36:58) A bit about cloudfoxable

(39:31) Cloud pentest and Zero Trust

(40:54) Staying ahead of CSP releases

(44:31) Third party shared responsibility

(47:35) 1 fun question

(48:36) Boundary for cloud pentest

(52:21) Last 2 fun questions


These are some of the resources that Seth shared during the episode along with the tools he has created

See you at the next episode!

Jaksot(344)

Zero Trust and the Triple Paradox

Zero Trust and the Triple Paradox

Zero Trust is top of mind but is it achievable? In this "What to LookOut for in 2022" series - we interviewed experts at RSA and BSidesSF about what Zero Trust is important today and the paradoxes in ...

9 Heinä 202221min

Building AWS Security Guardrails

Building AWS Security Guardrails

In this episode of the Virtual Coffee with Ashish edition, we spoke with Kinnaird McQuade (Kinnaird's Twitter) Episode ShowNotes, Links and Transcript on Cloud Security Podcast: www.cloudsecuritypodca...

4 Heinä 202244min

Fix the Broken Digital Supply Chain

Fix the Broken Digital Supply Chain

The Digital Supply Chain is broken and getting challenging to fix. In this "What to LookOut for in 2022" series - we interviewed experts at RSA and BSidesSF on the Broken Digital Supply Chain and ways...

3 Heinä 202215min

3 THINGS THAT BROKE THE DIGITAL SUPPLY CHAIN

3 THINGS THAT BROKE THE DIGITAL SUPPLY CHAIN

The Digital Supply Chain is broken and getting challenging to fix. In this "What to LookOut for in 2022" series - we interviewed experts at RSA and BSidesSF on the Broken Digital Supply Chain and why ...

26 Kesä 202216min

Digital Transformation - ARE WE THERE YET!

Digital Transformation - ARE WE THERE YET!

In this episode of the Virtual Coffee with Ashish edition, we spoke with Heather Ceylan (@heatherceylon) & Ariel Chavan (@ariel-c-ab445a50) from Zoom. Watch the video for this episode on You Tube - Di...

20 Kesä 202214min

CISO Perspective: Sean Catlett, CISO of Slack

CISO Perspective: Sean Catlett, CISO of Slack

In this episode of the Virtual Coffee with Ashish edition, we spoke with Sean Catlett (Sean's Linkedin) Episode ShowNotes, Links and Transcript on Cloud Security Podcast: www.cloudsecuritypodcast.tv H...

14 Kesä 202233min

CAASM - CyberSecurity Asset Management for the Modern Security Stack

CAASM - CyberSecurity Asset Management for the Modern Security Stack

In this episode of the Virtual Coffee with Ashish edition, we spoke with Akash Ganapathi (Akash's Linkedin) Episode ShowNotes, Links and Transcript on Cloud Security Podcast: www.cloudsecuritypodcast....

4 Kesä 202234min

Azure Security Fundamentals - Level 200

Azure Security Fundamentals - Level 200

In this episode of the Virtual Coffee with Ashish edition, we spoke with Tanya Janca (Tanya's Twitter) Episode ShowNotes, Links and Transcript on Cloud Security Podcast: www.cloudsecuritypodcast.tv Ho...

29 Touko 202252min