Pentesting Google Cloud

Most of the organizations are migrating to cloud. That move comes vulnerability resulting in the increased importance of the Penetration Testing in applications to protect their resources over the various models of the Cloud. Security in the cloud needs a well thought of strategy with continuous supervision and surveillance.

The “Buckets” as Google’s hosting resources are known, must be evaluated in terms of permits, connections, connection resources or information that can be revealed to the general public and become a risk for organizations.

In addition to the basic pentesting exercises towards cloud services, tests must be carried out on the behavior of the buckets, the response of the security systems included and the human response to possible incidents. For example, validate that from a process in a Bucket it is possible to scale privileges and expand attack vectors.