In-depth, platform specific review of cloud-based application infrastructure and underlying components to assess compliance with security best-practices.
Platforms include Amazon Web Service, Google Cloud Platform, Microsoft Azure and more. This assessment looks at the security of the various components of a cloud-based applications including identity and access management, virtual machines, virtual networking, virtual security appliances, data storage, databases, and virtual private clouds.
Testing covers injection (URL, SQL, LDAP, cookie etc.), authentication, session management, cross-site scripting, object/function access control, data exposure, misconfigurations, vulnerable components/frameworks/libraries, forged redirect/forwards, cookie security, hashing and more.
Notes: Testing assesses against OWASP Top 10 and beyond to ensure baseline coverage and more. For production systems, Illumant takes care not to run potentially destructive exploits.
Comprehensive reviews of: