Creative Commons License

Contributions Welcome

OWASP Cloud Security Testing Guide

This is the official GitHub Repository of the OWASP Cloud Security Testing Guide (CSTG). The CSTG is designed to be a comprehensive guide for developers, cloud architects, security testers and anyone else involved in the securing of cloud environments.

The high speed in which Cloud Service Providers release and update products and services means that anyone responsible for securing such environments must continuously maintain an in-depth understanding of each Cloud Service Provider(s) offerings.

For this reason, The CSTG combines comprehensive, objective technical processeses for testing the security of Cloud environments combined with a high level view of the key areas in cloud security.

Table-of-Contents

Introduction

Key Areas in Cloud Security

Amazon AWS Testing Guide

Compute Services

Networking

  • [VPC]

Cloud Data Storage

Microsoft Azure Testing Guide

Project Leaders