OWASP Cloud Security Testing Guide
This is the official GitHub Repository of the OWASP Cloud Security Testing Guide (CSTG). The CSTG is designed to be a comprehensive guide for developers, cloud architects, security testers and anyone else involved in the securing of cloud environments.
The high speed in which Cloud Service Providers release and update products and services means that anyone responsible for securing such environments must continuously maintain an in-depth understanding of each Cloud Service Provider(s) offerings.
For this reason, The CSTG combines comprehensive, objective technical processeses for testing the security of Cloud environments combined with a high level view of the key areas in cloud security.
Table-of-Contents
Introduction
Key Areas in Cloud Security
- Cloud Data Storage
- Internal Cloud API Services
- Authentication and Authorization
- Architecture Design
- Secure Configuration & Monitoring
Amazon AWS Testing Guide
Compute Services
Networking
- [VPC]