Cloud Security Testing

Many cyber security organizations claim to provide Cloud focused assessments which result in basic security scans of Cloud assets and provide minimal useful findings. Cloud platforms provide many complex avenues of attack due to the administrative infrastructure that sits below the virtualized servers and applications. New methods of authentication are implemented to wrap around legacy systems which result in complex configurations and integrations that cannot be scanned with automated tools. The administrative layer of the Cloud contains many complex configurations that control what capabilities users have based on complex hierarchies of groups, organizations, and permission models. These configurations cannot be automatically scanned to determine what the impact of a compromised guest account, user account, or administrative account could be. Vigilant has a highly skilled team of cyber experts who do not rely on automated scans but work with our customers to quickly identify risks and mitigations to vulnerabilities in their systems that usually go undetected.