Testing in Azure follows RedTeam Security's standard network or web application penetration testing methodology, 并对Azure环境架构进行了一些具体的修改. RedTeam Security uses PTES as the framework for our comprehensive network penetration testing methodology, and our web application penetration testing focuses on identifying OWASP's Top 10 vulnerabilities.
We utilize many of the same techniques employed for standard penetration testing engagements while also checking for Azure-specific misconfigurations and vulnerabilities during Azure penetration testing engagements. 这些检查可能包括对公共可访问存储帐户的测试, 作用域不恰当的Azure基于角色的访问控制(rbac), weak password policies, guest access, and seeking to penetrate on-premises Windows Active Directory systems synced to the cloud using Azure AD Connect.
RedTeam Security's cloud pen testing includes three different attack vectors within the Azure platform:
RedTeam Security's penetration testing methodology assesses the cloud security of your environment using a multi-layered approach: Information Gathering, Threat Modeling, Vulnerability Analysis, Exploitation, and Reporting.
在开始评估您的云环境之前，首先要进入预参与阶段. During the pre-engagement phase, RedTeam will collect the details needed to begin the project. 在此步骤中收集的数据元素包括测试窗口, testing dates, IP addresses, 以及其他相关信息. This phase is crucial as it establishes the general rules of engagement for your Azure pen testing engagement.
RedTeam将与您密切合作，确认启动会议所需的细节. 这项重要的工作确保了云笔测试的高效执行, effectively, 根据总体目标.
除了在典型的室内冰球突破豪华版试玩中收集的数据之外, 冰球突破豪华版试玩汇编所需的其他信息 Microsoft Azure pen testing , 包括列举公共可访问的服务和资源, and enumerating principles, roles, 和资源连接到Azure帐户.
威胁建模是一个多步骤的过程. Initial threat modeling will be done through discussions with you to identify your most important assets to protect. 对于一些公司，这可能是财务数据，知识产权，或捐赠信托.
Then, 因为附加信息是通过信息收集来收集的, 威胁模型是不断完善的. This begins with using various security tools to perform automated scans and is followed by using manual testing techniques to dig deeper, uncover, 并验证潜在的漏洞. 在威胁建模步骤中，将对资产进行标识并将其分类到威胁类别中. 这些类别可能包括敏感文件, trade secrets, or financial information but more commonly consist of technical information found during the previous phase.
RedTeam Security will leverage additional automated tools to identify vulnerabilities in the environment, 无论是网络还是web应用程序, 以及任何关于原理的列举信息, roles, subscriptions, resource groups, 和Azure环境中的资源，并确定安全问题. RedTeam Security will also analyze the account's security by checking the status of configurations like multi-factor authentication and guest access. We will develop attack chains during this phase based on our initial findings regarding Azure roles and resources. The aim will be to create opportunities to exploit vulnerabilities that allow for privilege escalation, resource misuse, 或数据外泄以实现业务的目标.
不像脆弱性评估, 冰球突破豪华版试玩寻求对漏洞采取行动以实现利用. Exploitation involves establishing access to systems by bypassing security controls to determine the real-world effectiveness of your defenses and your actual level of risk. 在RedTeam安全云平台冰球突破豪华版试玩期间, 这个阶段包括协调的手工测试策略，并且通常是时间密集的.
At RedTeam Security, 冰球突破豪华版试玩认为这一阶段是最重要的, and we take great care to ensure we've communicated the value of our service and findings thoroughly. Our comprehensive Azure pen testing services will help you ensure that your cloud infrastructure is designed and configured according to best practices. The report will provide an analysis of the current state of your Azure environment and help you prioritize which vulnerabilities to address first and how best to use your budget to maximize strength and resilience in your security posture.
如果标识了要进行补救的项, 一旦这些补救措施完成，请让冰球突破豪华版试玩知道, 冰球突破豪华版试玩会安排对这些补救措施进行重新测试. 一旦重测完成，冰球突破豪华版试玩会发布更新后的报告.