Episode 17: How to do penetration testing in cloud application

Episode 17 August 02, 2020 00:37:03
Episode 17: How to do penetration testing in cloud application
SilverLining IL
Episode 17: How to do penetration testing in cloud application

Aug 02 2020 | 00:37:03

/

Hosted By

Moshe Ferber Ariel Munafo

Show Notes

Attendees

Guest: Oz Avenstein

Guest Title:  Founder

Company:  Avensec

Abstract

Penetration tests are one of the strongest controls that we use. It is testing the overall resilience of our application and allows us to be more confident in our workloads. But in the cloud era, cloud applications pen testing needs to be coordinated with the providers. In this episode we talk with Oz Avenstein, an application security expert, about the challenges of cloud penetration testing and how to do it correctly.

Timing:

0.50 introducing our guest

3.40 How is cloud penetration tests different from regular pen tests?

5.01 elaborating about IaaS/PaaS particular pen test policies 

8.45 pen testing SaaS applications 

11.05 relaying on 3rd party pen testing

12.02 cloud pen test considerations and phases

17.35 the actual pen testing 

21.20 the reporting phase

23.40 incorporating pen test into applications development cycle 

34:00 Summary and last words

 

Other Episodes

Episode 54

September 21, 2022 00:31:04
Episode Cover

SilverLining Episode 54: Threats on CI/CD pipeline

Guest: Guy Flechter Guest Title: CEO & Co-Founder at Cider Security Topic: Threats on CI/CD pipeline  Language: English   Abstract The main attraction point in...

Listen

Episode 41

August 25, 2021 00:40:02
Episode Cover

SilverLining Episode 41: Securing ci/cd pipeline using policy as code

Guest: Eran Leib (vp product), Maor Goldberg (CEO) Guest Title:  Founders at Apolicy (a sysdig company) Abstract: Infrastructure and policy as code is one...

Listen

Episode 32

January 05, 2021 00:31:39
Episode Cover

Episode 32: Understanding Infrastructure as Code and How to Use it Effectively

Attendees Guest: Ohad Maislish  Guest Title: Co-Founder & CEO  Company: env0 Abstract Infrastructure as code is one of the most interesting technologies in the...

Listen