Hosted By
Attendees
Guest: Oz Avenstein
Guest Title: Founder
Company: Avensec
Abstract
Penetration tests are one of the strongest controls that we use. It is testing the overall resilience of our application and allows us to be more confident in our workloads. But in the cloud era, cloud applications pen testing needs to be coordinated with the providers. In this episode we talk with Oz Avenstein, an application security expert, about the challenges of cloud penetration testing and how to do it correctly.
Timing:
0.50 introducing our guest
3.40 How is cloud penetration tests different from regular pen tests?
5.01 elaborating about IaaS/PaaS particular pen test policies
8.45 pen testing SaaS applications
11.05 relaying on 3rd party pen testing
12.02 cloud pen test considerations and phases
17.35 the actual pen testing
21.20 the reporting phase
23.40 incorporating pen test into applications development cycle
34:00 Summary and last words
Attendees Guest: Shira Shamban Guest title: Cloud Security Company: Check Point (Dome9) Cloud providers has invested heavily in adding visibility, monitoring and logging capabilities...
Attendees Guest: Gadi Naor Guest Title: VP Software Engineering, Cloud Security @ Rapid7 Topic: Cloud Native Security Foundations Abstract Lately, The CNCF (Cloud Native...
Attendees Guest: Damir Savanović Guest title: Senior researcher Company: Cloud Security Alliance Abstract Creating trust is one of the major challenges for cloud providers...
