After completing a passive cloud configuration review, an active penetration test of the cloud environment will be conducted. Using the information gathered from the configuration review, realistic attack scenarios will be attempted. This phase will evaluate your organization's capacity to detect and respond to malicious activity. The active portion of the evaluation is considered a cloud penetration test because our engineers will simulate an actual intrusion of the environment.
Active cloud penetration testing is extremely valuable because it will engage your organization's incident response team and prepare them on what evidence to look for in the event of a breach that attempts to exploit known configuration flaws in the environment. A further advantage of this phase is that it will enhance coverage of the most recent cloud security threats. Cloud penetration testing is still a relatively new area of security. Certus Cybersecurity is one of the few cloud security service providers that specializes in mitigating such threats by investigating and employing the most cutting-edge attack strategies currently used by the most sophisticated threat actors today.