New from Ponemon Institute: The State of Offensive Security in 2023. Read the Report ›

Cloud Security Podcast: Network Pentest 2.0 - The Cloud Pentest Revolution

Cloud configuration review is not a cloud security pen test! For this episode we have ⁠Seth Art ⁠from Bishop Fox to clarify the myth.

Watch Bishop Fox's Seth Art on Episode 188 of Cloud Security Podcast. Cloud configuration review is not a cloud security pen test! Black Hat USA 2023 & DEFCON 31 conversations included Cloud Security Podcast asking traditional and experienced pen testers about their opinion on cloud security pen testing and the divide was between it being a config review or a product pen test. For this episode we have ⁠Seth Art ⁠from Bishop Fox to clarify the myth.

Questions asked:

00:00 Introduction
05:17 A bit about Seth Art
06:44 Network vs Infrastructure Security Pentest
08:00 Internal vs External Network Security Pentest
10:26 Assumed vs Objective Based Pentest
12:51 Is network pen test dead?
14:04 How to approach network and cloud pen tests?
20:12 Cloud pen test is more than config review
24:04 Examples of cloud pen test findings
30:07 Scaling pen tests in cloud
32:25 Traditional skillsets to cloud pen test
36:58 A bit about cloudfoxable
39:31 Cloud pen test and Zero Trust
40:54 Staying ahead of CSP releases
44:31 Third party shared responsibility
47:35 1 fun question
48:36 Boundary for cloud pen test

Seth art

About the author, Seth Art

Principal Security Consultant

Seth Art (OSCP) is a Principal Security Consultant at Bishop Fox, where he currently focuses on penetration testing cloud environments, Kubernetes clusters, and traditional internal networks.

Seth is the author of multiple open-source projects including CloudFox, CloudFoxable, IAM Vulnerable, Bad Pods, celeryStalk, and PyCodeInjection. He has presented at security conferences, including fwd:cloudsec, DerbyCon, and BSidesDC, published multiple CVEs, and is the founder of IthacaSec, a security meetup in upstate NY.

More by Seth

This site uses cookies to provide you with a great user experience. By continuing to use our website, you consent to the use of cookies. To find out more about the cookies we use, please see our Privacy Policy.