External exposure
What an attacker can reach from the internet: exposed services, forgotten endpoints, and storage or databases left open to the world.
- Internet-facing services
- Open storage & databases
- Exposed management planes
- Forgotten assets
Most cloud breaches are not clever exploits. They are a bucket someone made public, a role with too many permissions, or a key left where it should not be. We test your AWS, Azure and Google Cloud the way an attacker would, from the outside in and from a foothold out, across exposure, configuration and identity.
What an attacker can reach from the internet: exposed services, forgotten endpoints, and storage or databases left open to the world.
The settings an attacker abuses once inside: public buckets, over-permissive security groups, weak defaults and missing logging.
The identity model that decides how far a foothold goes: over-privileged users and roles, and the paths an attacker uses to reach full control.
It is rarely a zero-day. Far more often it is a misconfiguration or an over-privileged identity, the kind of gap that hides in plain sight. We look for what a real attacker would find, then prove how far it goes.
Every cloud engagement follows the same clear phases, so you always know what is happening and why.
We agree the accounts, services and providers in scope, arrange read-only access for the review, and sign off the rules of engagement.
We map what your cloud exposes to the internet: services, endpoints, storage and management interfaces.
We work through the account configuration for the weaknesses attackers rely on: public storage, weak network rules and missing controls.
We map the identity model and find the paths from a low-privileged foothold to full control.
We safely prove impact, chaining the misconfigurations and identity flaws the way a real attacker would.
You get an executive and technical report within 48 hours, then a free retest of critical and high findings once you have fixed them.*
Not a 500-page tool export. You get the handful of things that actually put you at risk, and how to fix them.
* The free retest covers critical and high findings within 30 days, one retest per engagement, delivered remotely and excluding on-site costs. Applies to UK-based engagements only. See our terms for full details.
Straight answers to what clients ask most about cloud engagements.
AWS, Azure and Google Cloud, and the services most businesses run on top of them. We test the exposed surface, the configuration and the identity model in each, and agree the exact accounts and services in scope with you before we start.
A configuration review checks your cloud settings against good practice: public storage, over-permissive roles, missing logging and so on. A penetration test goes further and proves what an attacker could actually do by chaining those weaknesses together. We do both in one engagement, so you get the checklist and the proof of impact.
For the configuration and identity work, yes: read-only access to the accounts in scope lets us see what an attacker would abuse after getting in. The external exposure testing needs nothing from you. We agree the access, the scope and the boundaries up front, and everything is logged.
Yes. Most cloud testing is read-mostly and safe against production under agreed rules of engagement. Where an action carries any risk, we agree it with you first, and we never touch your data or availability without sign-off.
Yes. Where they are in scope we test container images, registries and Kubernetes clusters, including the roles and network policies that decide how far a compromised container can reach.
An infrastructure test focuses on hosts, networks and services. Cloud testing adds what is unique to the cloud: the account configuration, the storage, and the identity and permissions model that a traditional network test does not cover. Many clients scope the two together.
Tell us what you run and where, and what worries you. We will come back within one working day with a suggested approach and a fixed-price scope, with no sales theatre.