6

Setting Up Isolated Penetration Testing Lab Environments on AWS

If you have worked on real-world projects and systems running in the cloud, you are probably aware that actual network environments generally involve more than a single cloud resource. To ensure that critical resources are not exposed and directly accessible from resources outside of the network environment, cloud resources are grouped and proper network configuration involving security groups, network access control lists, and routing rules is implemented as well. With a segmented network architecture, attackers may need to compromise a less secure system first and then use this compromised system to pivot to critical resources in internal networks. This technique, known as ...