Cloud Security · DeepScan Research
Cloud pentest checklist for AWS, GCP, and Azure teams
What to include in a cloud security assessment: IAM, storage, network exposure, Kubernetes, secrets, logs, and exploit paths.
Cloud security testing should look for exploitable paths, not only misconfiguration counts. A public bucket is important, but the bigger question is what data it exposes, how it got there, whether credentials can reach it, and what an attacker could do next.
IAM is usually the highest-value area. Test overly broad roles, cross-account trust, service account keys, privilege escalation paths, stale users, weak separation between environments, and permissions that allow data access or infrastructure changes beyond business need.
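As an added example (not DeepScan's own tooling), the sketch below shows how two of the IAM checks above, cross-account trust and overly broad roles, can be run offline against exported AWS policy JSON. The policies, account IDs, finding labels, and function names are constructed for illustration; the trusted-account set is an assumption the assessor supplies.

```python
import json
import re

# Constructed sample policies (account IDs and ExternalId are placeholders).
TRUST = json.loads("""{"Version": "2012-10-17", "Statement": [
 {"Effect": "Allow", "Principal": {"AWS": "arn:aws:iam::111111111111:root"}, "Action": "sts:AssumeRole"},
 {"Effect": "Allow", "Principal": {"AWS": "arn:aws:iam::999999999999:root"}, "Action": "sts:AssumeRole"},
 {"Effect": "Allow", "Principal": {"AWS": "999999999999"}, "Action": "sts:AssumeRole",
  "Condition": {"StringEquals": {"sts:ExternalId": "constructed-id"}}},
 {"Effect": "Allow", "Principal": "*", "Action": "sts:AssumeRole"}]}""")
PERMS = json.loads("""{"Version": "2012-10-17", "Statement": [
 {"Effect": "Allow", "Action": ["s3:GetObject"], "Resource": "arn:aws:s3:::example-bucket/*"},
 {"Effect": "Allow", "Action": "iam:*", "Resource": "*"},
 {"Effect": "Allow", "Action": "*", "Resource": "*"},
 {"Effect": "Deny", "Action": "*", "Resource": "*"}]}""")

def as_list(value):
    # IAM accepts either a single string or a list in most policy fields.
    return value if isinstance(value, list) else [value]

def audit_trust(policy, trusted_accounts):
    """Return (statement index, finding) for risky role trust statements."""
    findings = []
    for i, stmt in enumerate(as_list(policy["Statement"])):
        if stmt.get("Effect") != "Allow":
            continue
        principal = stmt.get("Principal", {})
        aws = ["*"] if principal == "*" else as_list(principal.get("AWS", []))
        for p in aws:
            match = re.search(r"\d{12}", p)  # account ID, bare or inside an ARN
            if p == "*":
                findings.append((i, "any-principal"))
            elif match and match.group() not in trusted_accounts:
                guarded = "sts:ExternalId" in json.dumps(stmt.get("Condition", {}))
                findings.append((i, "external-account" if guarded else "external-account-no-externalid"))
    return findings

def audit_permissions(policy):
    """Return (statement index, finding) for Allow statements with wildcard actions on Resource "*"."""
    findings = []
    for i, stmt in enumerate(as_list(policy["Statement"])):
        actions, resources = as_list(stmt.get("Action", [])), as_list(stmt.get("Resource", []))
        if stmt.get("Effect") != "Allow" or "*" not in resources:
            continue
        if "*" in actions:
            findings.append((i, "full-admin"))
        elif any(a.endswith(":*") for a in actions):
            findings.append((i, "service-wide-on-all-resources"))
    return findings
```

Findings from a static pass like this are leads for the assessment, since permission boundaries, service control policies, and explicit Deny statements elsewhere can narrow what a role can actually do.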
Storage exposure deserves careful evidence handling. Public buckets, signed URLs, snapshots, backups, logs, and data lake paths may contain sensitive information. A report should prove exposure safely without copying unnecessary customer data.
Network and compute testing should include security groups, load balancers, exposed admin services, Kubernetes control planes, container registries, metadata services, serverless functions, and egress paths. Attackers often chain small cloud mistakes into meaningful access.
Secrets and CI/CD are part of cloud scope. Repositories, build logs, environment variables, artifact stores, deployment roles, and automation tokens can create a direct path from code to production.
Monitoring and response are also relevant. If a controlled exploit path succeeds, does logging capture it? Are alerts meaningful? Can the team trace the action? Audit-ready evidence often includes both the vulnerability and the visibility gap.
DeepScan cloud and app-layer testing can connect infrastructure findings to web, API, and compliance impact so teams do not end up with separate reports that fail to explain the real attack path.