Official websites use .gov
A .gov website belongs to an official government organization in the United States.
Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.
Penetration Testing for AWS Cloud
Amazon Web Services (AWS) offers a range of cloud hosting services, but AWS only permits security testing of user-operated services. Performing a penetration test in AWS requires adequate planning and expert knowledge of how AWS methodologies differ from traditional pen testing and what can be performed. This course covers the fundamentals of penetration testing within Amazon Web Services. It provides an understanding of how to evaluate AWS cloud services and the types of tools and tests permitted.
Course Overview
Learning Objectives
After completing this course, you will be able to:
- Prepare, plan, and conduct penetration testing in accordance with industry-standard methodologies
- Identify general cloud attack vectors as well as recognize weaknesses specific to the AWS cloud platform
- Use common tools, techniques, and open-source software for testing AWS resources
- Create and implement a plan for securing the cloud based on industry best practices
Framework Connections
The materials within this course focus on the NICE Framework Task, Knowledge, and Skill statements identified within the indicated NICE Framework component(s):
Competency Areas
Feedback
If you would like to provide feedback on this course, please e-mail the NICCS team at NICCS@mail.cisa.dhs.gov. Please keep in mind that NICCS does not own this course or accept payment for course entry. If you have questions related to the details of this course, such as cost, prerequisites, how to register, etc., please contact the course training provider directly. You can find course training provider contact information by following the link that says “Visit course page for more information...” on this page.