Cloud infrastructure is quickly displacing datacenter and virtual-machine investments across all industries. Whether you’re building a new cloud-based application or migrating existing software to the cloud, security should be a paramount concern.
We have tested B2B, B2C, supply chain, private cloud-based applications, payment, e-commerce, online streaming media, and collaboration applications for global brands like HP, Discover, Sony, Symantec, and others.
Sample engagements include:
- Security requirements & design review for mission-critical application migration to the cloud
- Penetration test of consumer cloud printing services
- Cloud application deployment review for IoT Web Services
- Security analysis of cloud API gateways, middleware, multi-national infrastructure deployment, and data backup systems
Unrivaled Cloud Expertise – Security Partner to Microsoft and Amazon
Security Innovation has been a trusted security test partner for the Azure and AWS teams for years. Our team operates as an extension of theirs, helping secure the platforms, components, and plug-ins they produce.
We leverage this expertise to:
- Train staff on how to code defensively for cloud threats
- Optimize teams for rapid, secure cloud development and deployment
- Identify application vulnerabilities
- Assess & Review cloud systems for misconfigured technologies and vulnerable components
Cloud Resources
- Cloud Blog Posts
- Guide: Building Security Into Cloud Applications
- AuthMatrix – Burp Suite extension to test authorization in web applications and web services
- Video: Security Testing with Burp Suite
Cloud CoE Lead
Margaret Ho
Senior Security Engineer
Margaret leads our cloud-focused penetration testing, security code reviews, configuration assessments, and threat modeling for our customers. She specializes in Amazon Web Services (AWS) and Microsoft Azure; however, she also has expertise in related cloud technologies such as containers, microservices, virtualization, and cloud APIs. She is responsible for researching innovative testing methods, designing and maintaining the company’s cloud security assessment methodologies, and leading teams on cloud-related security projects for some of the company’s largest clients including the Microsoft Azure and Amazon AWS product groups.