Sunday, June 22, 2014

AWS Web site on S3 and Pen testing

You're not allowed to pen test AWS API endpoints, only your own EC2/VPC instances and config. More information here on this blog post:

If you are hosting a static site on S3,  you should read the risk and security white papers ( They discuss how AWS regularly scans S3 for vulnerabilities and performs regular penetration testing. The ISO 27001 certification also validates that. 


  1. Thanks for providing this informative information you may also refer.

  2. The extensive POPs covering the greater China region. International connections offer the lowest latency, and datacenters in Beijing are armed with Multi-BGP lines to the five major telcos including China Unicom, China Telecom, and China Mobile. Professional teams can get your business up and running in the shortest time.

    aws training in chennai