Identitäts- und Zugriffsmanagement (IAM)
- Over-permissive roles, policies and trust relationships
- Privilege escalation and role-assumption paths
- Weak MFA, exposed access keys and secrets
- Least-privilege and segregation-of-duties review
Storage & Data Security
- S3, Azure Blob and GCS exposure and ACL review
- Encryption-at-rest and key-management review
- Exposed databases and backups
- Sensitive data leakage across services
Compute, Serverless & Containers
- VM, EC2 and Azure VM configuration and SSH/RDP exposure
- Serverless (Lambda, Azure/GCP Functions) abuse
- Container and Kubernetes/ECS security
- Cloud-native app, API and microservice testing
Network, Exposure & Standards
- Security groups, network separation and public exposure
- Offene Ports und Routing-Fehlkonfigurationen
- Lateral-movement and pivot testing
- Übereinstimmung mit CIS-Benchmarks, PCI DSS und SANS Top 25