Cloud is the preferred solution for data storage, infrastructure and services on demand today. Most enterprises migrate to the Cloud following different models as alternatives; Public, Private or Hybrid and also service models of choice SaaS, IaaS or PaaS.
The vulnerabilities faced by the data stored on the Cloud or applications hosted there are self-explanatory, justifying the increasing importance of the Penetration Testing of Cloud based applications, services and infrastructure. With an increasing number of enterprises migrating to the Cloud, the chances of breaches, threats and vulnerabilities increase day by day. Enterprises face unique challenges in protecting their resources over the various models of the Cloud.
Cloud Applications Penetration testing comes with a unique challenge. The test strategy changes if the testing is to be done for the Cloud Service Provider versus the Tenant. Since a Cloud is essentially a multi-tenant model; when the Cloud testing needs to be done for a particular tenant, it should avoid putting others at unease and also be conducted within the legal limits.