Skip to content

CLOUD SECURITY

It is a process of finding and solving the security flaws in cloud security. The sole purpose of this testing is to check the strengths and weakness of the cloud security.

Cloud security Responsibility matrix

Get web, cloud and data security service

Common Checklists to keep in mind:

1.Check the Service Level Agreement and make sure that proper policy has been covered between Cloud service provider (CSP) and Client.

2.To maintaining the Governance & Compliance, check the proper responsibility between Cloud service provider and subscriber.

3.Check the service level agreement Document and track the record of CSP, determine role and responsibility to maintain the cloud resources.

4.Check the computer and Internet usage policy and make sure it has been implemented with proper policy.

5.Check the data which is stored in cloud servers is encrypted by default.

6.Check the Two Factor authentication is used and validate the OTP to ensure the network security.

7.Check the SSL certificates for cloud services in the URL and make sure certificates purchased from repudiated Certificate Authority (COMODO, Entrust, Symantec, Thawte etc.)

8.Check the Component of the access point, data center, devices, using appropriate security Control.

9.Check the policies and procedure for disclose the data to third parties.

10.Check if CSP offers for cloning and virtual machines when required.

11. Check the proper input validation for Cloud applications to avoid web application Attacks such as XSS, CSRF, SQLi, etc.

Weekly Newsletter

Subscribe to our weekly newsletter to get weekly update.