Cloud Security

Assess your current and planned use of cloud resources and your governance, process, and technical controls.

AWS and Azure Controls Assessment

We work side-by-side with your teams to validate the effectiveness of your protection and detection capabilities and identify areas to improve your controls. We cover the following areas:

Security Architecture Assessment

We review your design and perform application and architecture threat modelling in consideration of your users, customers, data flows and application functionality.

Authentication and Authorization Controls

We perform application and architecture threat modelling, and use penetration testing techniques with different user roles in attempts to circumvent controls and escalate privileges.

Configuration and Host Build Review

We look for configuration weaknesses and provide security hardening recommendations for the application and the infrastructure supporting your cloud applications.

AWS IAM Exploitation

AWS IAM Exploitation

By Evan Perotti

In AWS, authorization is governed by the Identity and Access Management (IAM) service. Unfortunately, as most software configuration goes, there is ample opportunity for misconfigurations that result in security vulnerabilities. As it pertains to AWS IAM, this typically manifests as privilege escalation. However, in some cases, it can result in something as severe as unauthorized account access. In this blog post, I will cover general classes of IAM exploitation and privilege escalation techniques.

Protect your devices.

Learn how we can help test and improve the security of your team’s multi-faceted devices.