Network Pentest 2.0 : The Cloud Pentest Revolution
Cloud Security Podcast22 Elo 2023

Network Pentest 2.0 : The Cloud Pentest Revolution

Cloud Security Pentest is not just a Cloud configuration review ! Blackhat 2023 & Defcon 31 conversations included Cloud Security Podcast asking traditional and experienced pentesters about their opinion on cloud security pentesting and the divide was between it being a config review or a product pentest. For this episode we have Seth Art from Bishop Fox to clarify the myth.


Episode YouTube: ⁠ ⁠Video Link⁠⁠⁠⁠


Host Twitter: Ashish Rajan (⁠⁠⁠⁠⁠⁠⁠⁠@hashishrajan⁠⁠⁠⁠⁠⁠⁠⁠)

Guest Socials: Seth Art's Linkedin ⁠⁠⁠⁠⁠⁠(⁠⁠Seth Art Linkedin)

Podcast Twitter - ⁠⁠⁠⁠⁠⁠⁠⁠@CloudSecPod⁠⁠⁠⁠⁠⁠⁠⁠ ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠

If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:

- ⁠⁠⁠⁠⁠⁠⁠⁠Cloud Security Newsletter ⁠⁠⁠⁠

- ⁠⁠⁠⁠⁠⁠⁠⁠Cloud Security BootCamp⁠⁠⁠⁠⁠⁠⁠⁠


Spotify TimeStamp for Interview Question


(00:00) Introduction

(05:17) A bit about Seth Art

(06:44) Network vs Infrastructure Security Pentest

(08:00) Internal vs External Network Security Pentest

(10:26) Assumed vs Objective Based Pentest

(12:51) Is network pentest dead?

(14:04) How to approach network and cloud pentests?

(20:12) Cloud pentest is more than config review

(24:04) Examples of cloud pentest findings

(30:07) Scaling pentests in cloud

(32:25) Traditional skillsets to cloud pentest

(36:58) A bit about cloudfoxable

(39:31) Cloud pentest and Zero Trust

(40:54) Staying ahead of CSP releases

(44:31) Third party shared responsibility

(47:35) 1 fun question

(48:36) Boundary for cloud pentest

(52:21) Last 2 fun questions


These are some of the resources that Seth shared during the episode along with the tools he has created

See you at the next episode!

Jaksot(344)

Cloud Security in Operational Technology vs Information Technology world - Parul Kharub, CISSP

Cloud Security in Operational Technology vs Information Technology world - Parul Kharub, CISSP

In this episode of the Virtual Coffee with Ashish edition, we spoke with Parul Kharub, CISSP, HMM. Parul has spent number of years in the Operational Technology (OT) space building cybersecurity strat...

19 Heinä 202054min

HOW TO BECOME A SUCCESSFUL CISO IN 2020 - Abbas Kudrati, Microsoft

HOW TO BECOME A SUCCESSFUL CISO IN 2020 - Abbas Kudrati, Microsoft

In this episode of the Virtual Coffee with Ashish edition, we spoke with Abbas Kudrati, CyberSecurity Advisor for Microsoft Asia Pacific Region. Abbas has previously worked in various large companies ...

12 Heinä 20201h 3min

How to do Google Cloud Security Well - The 2020 Edition - Darpan Shah

How to do Google Cloud Security Well - The 2020 Edition - Darpan Shah

In this episode of the Virtual Coffee with Ashish edition, we spoke with Darpan Shah, Cloud Security Engineer. Darpan has 8 AWS Certificates, 6 GCP certificates and at his work, he works on both Googl...

5 Heinä 202055min

HOW TO BECOME A CLOUD SECURITY ENGINEER in 2020 | Including Top Certifications

HOW TO BECOME A CLOUD SECURITY ENGINEER in 2020 | Including Top Certifications

In this episode of the Virtual Coffee with Ashish edition, we spoke with Christopher Hughes, CISSP, Cloud Security Engineer. Host: Ashish Rajan - Twitter @hashishrajan Guest: Chris Hughes - Linked...

28 Kesä 202045min

Building an Engineering Security Culture - Failure stories included - Edwin Kwan, Tyro Payments

Building an Engineering Security Culture - Failure stories included - Edwin Kwan, Tyro Payments

In this episode of the Virtual Coffee with Ashish edition, we spoke with Edwin Kwan, Head of Application and Software Security at Tyro payments. Host: Ashish Rajan - Twitter @hashishrajan Guest: Ed...

21 Kesä 202044min

TIPS FOR WOMEN IN INFORMATION SECURITY TO GET A JOB IN CYBER SECURITY - Alannah Goh, 0xCC

TIPS FOR WOMEN IN INFORMATION SECURITY TO GET A JOB IN CYBER SECURITY - Alannah Goh, 0xCC

In this episode of the Virtual Coffee with Ashish edition, we spoke with Alannah Guo, Founder of 0xCC & Pentester. Host: Ashish Rajan - Twitter @hashishrajan Guest: Alannah Guo - Twitter @AlannahGu...

14 Kesä 202058min

Google Cloud Security - How does Google Cloud work?

Google Cloud Security - How does Google Cloud work?

In this episode sponsored by Virtual Coffee with Ashish edition, we spoke with Francesco Cipollone, Chapter Chair (UK), Cloud Security Alliance Host: Ashish Rajan - Twitter @hashishrajan Guest: Fra...

7 Kesä 202054min

What is GOOD COMPANY CULTURE (WITH EXAMPLE ) during COVID19 with remote employees!

What is GOOD COMPANY CULTURE (WITH EXAMPLE ) during COVID19 with remote employees!

In this episode sponsored by Virtual Coffee with Ashish edition, we spoke with Graeme Cantu-Park, CISO of Matilion Host: Ashish Rajan - Twitter @hashishrajan Guest: Graeme Cantu-Park - Linkedin ...

31 Touko 202037min