Cloud and Container Security
The services below are a subset of what InGuardians can do for your organization.
Kubernetes Penetration Testing
InGuardians has performed many Kubernetes penetration tests, attacking on-premises, public cloud-based, and hybrid clusters. The team’s experience spans multiple Kubernetes distributions, including OpenShift and Rancher’s K3S, and other installers, as well as managed Kubernetes environments, like Google Cloud’s GKE, Amazon’s EKS, and Microsoft Azure’s AKS.
Serverless Penetration Testing
Cloud Security Architecture and Product Review Services
Whether they’ve designed for a major cloud provider, use on-premises API technologies, or the hybrid approach, companies’ rising adoption of these technologies has contributed to a widening of this type of attack surface. With that in mind, InGuardians offers state of the art Security Architecture Review and Product Review services, assessing the most important aspects of cloud security development and deployment, focusing on foundational services such as:
- Identity and Access Management
- Storage Services
- API Gateways and Network Defenses
- Orchestration and Containerization
- Detection and Logging
- Serverless / Functions as a Service
Cloud-Native Penetration Testing
During these engagements, multiple scenarios and techniques are employed. Some examples are:
- Cloud credential compromise through a public web application, escalated via unexpected cloud service use.
- Privilege escalation through over-privileged roles associated with underlying compute instances.
- Cloud API Keys are obtained through exposed code repository files.
- Attacking from the perspective of a compromised cloud user (assume-breach scenario).
Executive Consulting Services
Whether you’re building a product that integrates an orchestration system or use APIs and orchestration systems to offer your services, InGuardians can both emulate attacks and advise on improvements, combining the mindset and creativity of an attacker with the professionalism and expertise of skilled security professionals.
Press and Speaking