Getting Started with Cloud Pentesting | Ft. Scott Weston | Ep.78 | Scale To Zero Podcast | Cloudanix
Episode 78 of the Scale to Zero - No Security Questions Left Unanswered podcast, hosted by Scale To Zero, titled "Getting Started with Cloud Pentesting | Ft. Scott Weston | Ep.78 | Scale To Zero Podcast | Cloudanix" was published on November 6, 2024 and runs 56 minutes.
November 6, 2024 ·56m · Scale to Zero - No Security Questions Left Unanswered
Summary
Join us as we delve into the world of cloud pen-testing with our guest Scott Weston, a seasoned cybersecurity expert. In this insightful podcast, we discuss the development of GCPwn, a powerful tool for identifying vulnerabilities in Google Cloud Platform (GCP) environments. Learn about the tool's capabilities, limitations, and future roadmap. We also explore the broader landscape of cloud security, including the shared responsibility model, common misconfigurations, and the importance of continuous learning. Whether you're a seasoned security professional or just starting your journey, this podcast offers valuable insights and practical advice. Shared Responsibility Model: https://www.cloudanix.com/learn/what-is-shared-responsibility-model 00:00 Teaser and Introduction 04:35 Introducing self-developed tool GCPwn 07:30 Is GCPwn an active or passive pen testing tool? 08:47 Envisioning GCPwn for users 10:15 Areas GCPwn does not suit well 12:16 Future Roadmap of GCPwn 13:41 AWS Pwn landscape after year 2016 15:51 Describing Shared Responsibility Model 19:20 Security considerations of cloud platforms as a cloud pentester 22:25 Are pentesting certifications enough? 28:07 Common cloud misconfiguration to look for 35:26 Tools to get started with pen-testing 38:38 Cloud platforms to focus on as a beginner 41:30 Where to get started as a cloud pentester 44:00 Learning resources 53:29 Summary 54:30 Reading and other recommended resources
Episode Description
Join us as we delve into the world of cloud pen-testing with our guest Scott Weston, a seasoned cybersecurity expert. In this insightful podcast, we discuss the development of GCPwn, a powerful tool for identifying vulnerabilities in Google Cloud Platform (GCP) environments. Learn about the tool's capabilities, limitations, and future roadmap. We also explore the broader landscape of cloud security, including the shared responsibility model, common misconfigurations, and the importance of continuous learning. Whether you're a seasoned security professional or just starting your journey, this podcast offers valuable insights and practical advice. Shared Responsibility Model: https://www.cloudanix.com/learn/what-is-shared-responsibility-model
00:00 Teaser and Introduction
04:35 Introducing self-developed tool GCPwn
07:30 Is GCPwn an active or passive pen testing tool?
08:47 Envisioning GCPwn for users
10:15 Areas GCPwn does not suit well
12:16 Future Roadmap of GCPwn
13:41 AWS Pwn landscape after year 2016
15:51 Describing Shared Responsibility Model
19:20 Security considerations of cloud platforms as a cloud pentester
22:25 Are pentesting certifications enough?
28:07 Common cloud misconfiguration to look for
35:26 Tools to get started with pen-testing
38:38 Cloud platforms to focus on as a beginner
41:30 Where to get started as a cloud pentester
44:00 Learning resources
53:29 Summary
54:30 Reading and other recommended resources
Similar Episodes
Apr 11, 2026 ·57m
Apr 10, 2026 ·63m
Apr 8, 2026 ·49m
Apr 3, 2026 ·51m