Cloud pen testing improves cybersecurity by identifying vulnerabilities in a cloud system and fixing these issues. The other articles in the cloud pen testing series focus on the OWASP Web Security Testing Guide (WSTG) as one methodology to use to create a cloud pen testing checklist. This article focuses on using other methodologies such as the National Institute of Standards and Technology (NIST) Special Publication (SP) 800-115 and Penetration Testing Execution Standards (PTES) Technical Guidelines. Focusing on multiple methodologies helps cybersecurity teams create a holistic cloud pen testing checklist, which will improve vulnerability detection and increase system uptime.
Cloud Pen Testing Methodologies
It is important to choose a suitable methodology for a cloud pen testing checklist. Without a suitable methodology, testing will be incomplete and vulnerabilities will be missed. Two methodologies to consider are the NIST SP 800-115 and the PTES Technical Guidelines. These methodologies are good resources …