Features of cloud pentests in Amazon Web Services
With the constant growth in the number of organizations moving their operations to the cloud, security concerns are becoming particularly relevant. Amazon Web Services (AWS) is one of the most popular cloud platforms, yet it is not immune to cyber attacks.
Penetration testing becomes a critical stage in identifying potential vulnerabilities in the AWS infrastructure.
In this article, we will examine the necessity of conducting penetration testing in AWS, share valuable recommendations, and clarify the importance of ensuring security in the cloud environment. If you aim to protect your data and operations, this material will be beneficial for you.
How does traditional penetration testing differ from penetration testing in AWS?
Traditional penetration testing and penetration testing in AWS have significant differences in light of modern technological changes.
Our compiled comparative table allows understanding the limitations of traditional approaches and explains why conducting testing in AWS becomes an integral component of ensuring security in the cloud environment.
|Traditional penetration testing
|Penetration testing in AWS
|Physical infrastructure (servers, routers, etc.)
|Virtual infrastructure (EC2, S3, and other AWS services)
|Local and cloud tools
|Local, cloud, and specialized tools for AWS (AWS Inspector, Amazon GuardDuty, AWS Config)
|“Black box” method, occasionally – “gray box” or “white box”
|Primarily “white box” method
|Scope of application
|Often limited to specific systems or applications
|Encompasses a broad range of AWS services and configurations
|Speed and scale of automated part of testing
|Typically slower and constrained by organizational resources
|More scalable and faster due to cloud infrastructure
|Less adaptable to rapidly changing infrastructure
|Adapts to the dynamics of the cloud environment
|Consideration of shared responsibility
|Primary focus on internal resources and vulnerabilities
|Acknowledges shared responsibility with AWS for security
|Requires adaptation to work with cloud environments
|Specifically designed to detect cloud risks and vulnerabilities
What is prohibited for conducting penetration testing in AWS?
It is a well-known fact that conducting penetration testing within the Amazon Web Services (AWS) environment is allowed by the Amazon company; however, there are a number of prohibited areas that are crucial to consider. These restrictions are aimed at ensuring the security, integrity, and reliability of the cloud infrastructure. Below, we will examine the specific limitations that exist.
Testing of external services. One of the primary restrictions is the prohibition of testing services that are not related to your AWS account or belong to other customers. This includes services that are beyond your own sphere of influence. Clearly, such actions can have a negative impact on the overall security and trust of the platform.
Physical security. It’s important to note that testing physical security measures, such as data centers, buildings, and personnel, is strictly forbidden. This approach helps prevent potential risks associated with unwanted interference with real-world objects.
AWS support services. Testing AWS support services or reaching out to AWS support with requests for penetration testing is prohibited. This is because even limited interactions with such services could disrupt balance and negatively affect customer experience.
Third-party applications and services. Another consideration is the prohibition of testing third-party applications or services integrated with your AWS resources without explicit consent from the owners of these resources. This is essential to ensure the confidentiality and protection of other users’ data.
Interference and harm. It’s prohibited to undertake actions that could damage the operation of AWS services or have a negative impact on the resources of other customers. This restriction helps maintain the stability and reliability of the entire infrastructure.
Use of known vulnerabilities. It is desirable to avoid using vulnerabilities that AWS has already been made aware of. This is intended to uphold ethical standards and prevent practical issues.
Self-conducted penetration testing in AWS: our recommendations
Undertaking self-conducted penetration testing in AWS requires special caution and knowledge about cloud infrastructure. To assist you in this intricate process, we have prepared a step-by-step guide with key recommendations for successfully conducting penetration testing within the AWS environment.
Step 1: Preparatory measures
Goal setting. Define the objectives of the penetration testing. Which systems, applications, or resources do you intend to assess? What vulnerabilities and attacks do you wish to explore?
Obtaining approval. Obtain consent from resource owners and AWS administrators for conducting the penetration testing.
Selecting test type. Decide on the type of testing you require: external (attacks from the outside), internal (attacks from within), or a combination.
Step 2: Environment preparation
Creating a test environment. Configure a separate testing environment within AWS to isolate testing from the production environment.
Data duplication. If necessary for testing, create duplicates of data to avoid accidental damage to live data.
Simulating attacks. Ensure you understand the attacking methods you will employ and have appropriate tools.
Step 3: Conducting the Testing
Scanning and asset identification. Utilize tools to detect active hosts, services, and ports.
Vulnerability search. Apply automated tools and manual methods to identify vulnerabilities in applications, services, and infrastructure.
Vulnerability exploitation. Attempt to exploit identified vulnerabilities to gain access or control over the system.
Results analysis. Evaluate testing outcomes, assess attack success, and potential threats to the system.
Step 4: Reporting
Report compilation. Create a detailed report of the conducted testing. Include information about discovered vulnerabilities, attack methods, and successful exploitations.
Resolution recommendations. Provide suggestions for addressing identified vulnerabilities and enhancing security levels.
Step 5: Post-Testing
Risk analysis. Collaboratively with resource owners, assess risks associated with detected vulnerabilities and decide on necessary actions.
Vulnerability remediation. Implement resolution recommendations to fix identified vulnerabilities.
Reassessment. Perform a retest of discovered vulnerabilities to ensure they are eradicated or remediated.
Personnel training. Provide employees with lessons derived from the penetration testing to prevent future repetition of mistakes.
Step 6: Conclusion
Endorsement of conclusion. Ensure resource owners are content with the testing outcomes and take steps to improve security.
Data archival. Preserve reports during the allowed retention period and relevant documentation for future comparisons and analysis.
Feedback. Engage in discussions with resource owners and AWS administrators to exchange experiences and advice.
By following these steps and undergoing appropriate training, such as OCPT, GCPN, C|PENT, or MCPT, you will be equipped to independently conduct basic penetration testing in AWS.
However, remember that performing a comprehensive penetration test and audit of AWS on your own might prove to be complex and labor-intensive. Therefore, we recommend seeking assistance from professionals if you’re not confident in your skills.
Subscribe to our Telegram channel to make sure you do not miss any new articles on our blog.