Ne Sunuyoruz? GCP Penetration Test Scope
We test every layer of Google Cloud Platform: IaaS, PaaS, SaaS and serverless mimariler.
Compute Engine
VM instance security, firewall rules, service account permissions, metadata endpoint protection, OS-level vulnerability scanning.
Kubernetes Engine (GKE)
Cluster security, RBAC configuration, pod security policies, network policies, secrets management, container escape testing.
Cloud Storage
Bucket ACLs and IAM policies, public access controls, signed URL security, object versioning, lifecycle policy review.
IAM & Security
Identity and Access Management, service account privilege escalation, custom role analizi, VPC Service Controls.
BigQuery & Databases
BigQuery dataset security, Cloud SQL injection testing, Firestore/Datastore access rules, data exfiltration scenarios.
Network & VPC
VPC firewall rules, Cloud NAT, Cloud Armor WAF bypass, Load Balancer security, Private Google Access.