Cloud Penetration Testing

Leveraging our background in running our MSSP, RedBear also performs Penetration Testing. Although we focus on customers running in the AWS Cloud, we perform penetration testing of Web and API applications running on any platform. When we do work with AWS hosted environments, we can also perform an assessment of the AWS configuration. In addition we can perform penetration testing of the Cloud configuration.

Cloud Platform Penetration Testing

Companies are realising the benefits of moving infrastructure and services to the cloud but often without fully understanding the security implications.

What would be the impact if your database was compromised? What consequences would you face if a malicious outsider gained access to your cloud environment? How can you be sure there is not a misconfiguration in the infrastructure? Ensuring cloud security begins with a Cloud Security Assessment.

If you want to go deeper, RedBear can perform penetration testing of your AWS Cloud platform configuration.

  • Are you exposing resources publicly unintentionally?
  • Do you allow overly permissive access?
  • How easy is it to find and access your customer’s data?
  • Can a malicious actor gain escalated access to your AWS environment?
  • How would you detect such actions?

Our Cloud platform penetration testing aims to test your AWS configuration against exploitation. Note we are not testing the AWS services but the configuration in place in your AWS accounts.

Web Penetration Testing

Penetration testing is the process of simulating real cyber-attacks against your own systems in order to discover potential security vulnerabilities that attackers can take advantage of.

Our web penetration test will identify vulnerabilities in applications and provide recommendations to reduce the risk of compromise of your services. Our test coverage includes

  • OWASP Top 10
  • SQL and NoSQL injection
  • Cross-site scripting
  • Out of band injection
  • Payload manipulation
  • Session handling
  • User and tenant segregation
  • Traditional & Modern Web applications (including SPA)
  • Mobile applications
  • APIs including RESTful and GraphQL

Undertaking penetration testing by a team that understands Cloud is important for Cloud hosted applications as Cloud infrastructure is different to traditional security paradigms.

HRG Australia is the Australian division of an international corporate travel services company. The international roll out of a new key business application was a miss match with existing regional IT infrastructure and systems.

RedBear IT saved approximately $1 million in planned capital expenses to satisfy new application requirements.

– Steve Ash from HRG Australia

TESTIMONIALS

CONTACT

Let’s have a chat to discuss how we can help with your penetration testing

Our Headquarters

Level 2, 551 Little Lonsdale St
Melbourne VIC 3000
Australia

Email us

hello@redbearit.com.au

Call us

1300 733 232

Follow Us

LinkedIn
Twitter

Close Menu