Mastering Cloud Penetration Testing

Employ penetration-testing strategies, identify vulnerabilities, and ramp up security on the cloud About This Book * This will be the first book in the market that helps you to master cloud penetration skills * It will assess and eliminate vulnerabilities on your virtual machines and cloud-based applications * The book will leverage the power of Kali Linux and Metasploit to conduct effective cloud penetration testing on public, private, and hybrid cloud services Who This Book Is For This book is targeted at penetration testers who have a basic understanding of the cloud and its security concepts. What You Will Learn * Utilize a wide range of methodologies specific to cloud penetration testing * Learn to investigate incidents in the event of a breach * Gain an in-depth understanding of the IaaS, Paas, and SaaS models and their corresponding pentesting strategies * Organize and set up security roadblocks around the cloud * Analyze the essentials of cloud infrastructure and laws on the popular platforms * Recognize common vulnerabilities and secure them In Detail Cloud technology is being adopted by corporations around the world simply because it enables them to do away with servers and much of their IT hardware. This rapid migration to the cloud offers several benefits, but it also exposes these organizations to terrifying attacks. As a result of these recent attacks, companies have started investing heavily in cloud penetration testing to safeguard themselves. Mastering Cloud Penetration Testing will focus on training security professionals to identify and mitigate technical security weaknesses while setting up secure environments on the cloud. It will cover a wide range of methodologies while using familiar tools such as Metasploit, Nmap, Burp, and Kali-Linux. The book will show you how to secure cloud environments such as IaaS, PaaS, and SaaS, including public and private clouds such as AWS, Azure and OpenStack. In addition to this, it will go through the formulation of pentesting strategies based on various cloud deployment models, management, and security.

About the Author :
( https://www.linkedin.com/profile/view?id=AAkAAAGDtwUBF2Kz4Niu_1F0saV1UrxLkPEXkgI&authType=NAME_SEARCH&authToken=cG-D&locale=en_US&trk=tyah&trkInfo=clickedVertical%3Amynetwork%2CclickedEntityId%3A25409285%2CauthType%3ANAME_SEARCH%2Cidx%3A1-1-1%2CtarId%3A1448441295763%2Ctas%3Akunal) Is an information and cyber security professional with over 12 years' experience in setting up large security programs. He is currently working as head of information security at Schroders. Kunal has extensive knowledge in setting up regional security services, with teams spread across APAC. His core strength lies in defining actionable roadmaps for technically complex projects, while at the same time setting up strong governance to monitor the results. He is well versed in regulatory requirements across all APAC countries, and has worked on several initiatives to conduct gap-assessment, address non-compliances, and to improve the overall security posture of the organizations. Kunal is a true security evangelist who believes in staying updated with the current happenings in the cyber-world and invests all non-working hours in reading, blogging, and researching security topics. It is of the utmost importance to be aware of the industry, of competitors, and especially to be knowledgeable of the current threat landscape. Kunal has also featured as a guest speaker at numerous forums in Singapore and India. Blog: http://kunseh.blogspot.in/ ( https://www.linkedin.com/profile/view?id=AAkAAABw6V8BVp5e0dfS2i6ucHv5vErGupNYrew&authType=NAME_SEARCH&authToken=Io3X&locale=en_US&trk=tyah&trkInfo=clickedVertical%3Amynetwork%2CclickedEntityId%3A7399775%2CauthType%3ANAME_SEARCH%2Cidx%3A1-3-3%2CtarId%3A1448441300839%2Ctas%3Araj) Rajnish leads Cyber Security at KPMG. He has over 14 years' experience in helping organizations manage Information Security focused on governance, risk and vulnerability Management. He is passionate about improving the security posture of organizations in Information Protection, Application Security, and Identity and Access Management and has successfully led global and regional security projects for major clients in the Finance, Oil and Gas, Healthcare, and Government sectors. Rajnish is a Certified Information Security Manager (CISM), Certified Information Systems Security Professional (CISSP), and Certified Ethical Hacker (CEH). He has led and managed a series of initiatives in the Financial Sector to review information security strategy, Identity, and Access Management framework and developed a roadmap to implement the strategy. His specialties include: Global Program Management, risk assessment, and the design and delivery of security services and solutions.