ILT-Interlaboratory Test | Proficiency Testing Provider | Programs
ILT-U-621

Cloud Application and Configuration Security Proficiency Test. Aligned with the App Defense Alliance Cloud Application and Configuration Assessment Framework.

Determination | Method

D-01 Public Storage Exposure | Identify and validate unauthenticated access to cloud storage objects.
D-02 Metadata Disclosure | Analyze exposed objects and determine whether metadata reveals security-relevant information.
D-03 Broken Object Authorization | Test access controls by requesting resources belonging to other users.
D-04 Cross-Tenant Access | Assess tenant isolation by attempting access to resources belonging to different tenants.
D-05 Excessive IAM Permissions | Analyze application behavior and available information to determine whether permissions exceed operational requirements.
D-06 Permission Scope | Validate the effective scope of excessive permissions through controlled access testing across tenant boundaries.
D-07 Undocumented Endpoint Discovery | Perform application and API enumeration to identify undocumented functionality.
D-08 Sensitive Information Disclosure | Analyze undocumented interfaces to determine whether operational or security-sensitive information is exposed.
D-09 Logging Coverage | Evaluate whether security-relevant activities generate corresponding audit records.
D-10 Monitoring Effectiveness | Assess whether suspicious or unauthorized activities produce alerts or detection mechanisms.
D-11 Vulnerability Correlation | Analyze relationships between identified weaknesses and determine potential attack paths.
D-12 Full Exploitation Path | Demonstrate and document a complete attack chain leading to cross-tenant compromise.
D-13 Confidentiality Impact | Assess the impact of identified weaknesses on the confidentiality of tenant data.
D-14 Tenant Isolation Impact | Evaluate the impact of findings on logical separation between tenants.
D-15 Monitoring Impact | Assess the operational consequences of insufficient logging and monitoring controls.
D-16 Decoy Validation | Validate the exposed API key or other indicators and determine whether they represent genuine security findings.