Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)
Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie
Hi there,
There is an issue with role permissions that is being worked on at the moment.
If you are having trouble with access or permissions on regional forums please post here to get access: https://www.boards.ie/discussion/2058365403/you-do-not-have-permission-for-that#latest

Amazon AWS - Pen-Testing

  • 06-02-2012 2:42pm
    #1
    Kenz
    Registered Users, Registered Users 2 Posts: 66 ✭✭


    Hey peoples...

    Right, I'm going to need to perform some security tests against a system we're developing on Amazon AWS over the next couple of months. Anyone have any particular experience, and therefore words of wisdom/advice, on testing against AWS? Anything in particular that's different about testing against AWS, when compared to other hosted WebApps or software apps?

    I've read through the AWS tech pdfs and know i need to fill in and submit forms, etc to get permissions beforehand.

    PS - I know this is Dev related, so might not completely fit in here, but all the Security talk seems to be in here - Anyway, what do Devs care about Security (sure it works doesn't it) ;O)

    Later...
    Tagged:


Comments

  • #2
    fcerullo
    Registered Users, Registered Users 2 Posts: 52 ✭✭fcerullo


    hey Kenz,

    that's actually a very good question and completely depends on the scope of the exercise... I would suggest you to drop an email to AWS Security.

    From an official response:

    "If any Amazon EC2 customer wishes to conduct port/vulnerability scanning or penetration testing, please email us at aws-security@amazon.com and we'll work with you to ensure your testing is conducted promptly and appropriately."

    BTW.. why don't you join OWASP Ireland on Linkedin?

    http://www.linkedin.com/groups/OWASP-Ireland-3228848

    Plenty of like-minded professionals willing to help.

    Fabio

    @fcerullo


  • #3
    Kenz
    Registered Users, Registered Users 2 Posts: 66 ✭✭Kenz


    fcerullo wrote: »

    BTW.. why don't you join OWASP Ireland on Linkedin?

    http://www.linkedin.com/groups/OWASP-Ireland-3228848

    Plenty of like-minded professionals willing to help.

    Fabio

    @fcerullo

    Cheers Fabio - I'll go take a look at QWASP IE Linedin site, and see what i can find out. I was on the OWASP IE site lastweek, but didn't notice anything;O)

    Later,
    Ken


Advertisement