Security News > 2021 > February > Think you know all about security pen-testing in the cloud? Here’s how to prove it

On the face of it, cloud penetration testing might appear a complex undertaking involving very different architectures, such as containers and Kubernetes, to those found in traditional on-prem infrastructure.

Having documented proof that you have the requisite skills to conduct cloud specific penetration testing and assess the security of cloud-based infrastructure gives your organisation an additional layer of comfort.

Which is why you'll want to consider the newly launched GIAC Cloud Penetration Testing certification, whether you class yourself as a penetration tester, vulnerability analyst or attack or defense focused security practitioner - or none of these.

As well as covering the fundamentals of cloud penetration testing, environment mapping and service discovery, the GCPN qualification digs into the security nuts and bolts of cloud native applications with containers and CI/CD pipelines.

Naturally, it encompasses red team penetration testing of cloud environments, discovery and identification of potential sources of exposure in cloud environments, and password and web application attacks.

Whether your background is in traditional security practice or risk assessment, or you're a DevOps or SRE specialist, securing GCPN certification will give you, and more importantly the rest of the world, proof that you're both a cloud native, and a security native.

News URL

https://go.theregister.com/feed/www.theregister.com/2021/02/24/sans_institute_pen_testing_certification/