“The Cloud” is secure. That is, Microsoft Azure, Amazon Web Services and Google Cloud Platform, are three main cloud providers operate extremely secure data centers and services. Keep in mind that we are talking about shared responsibility in the cloud: you are still responsible for identity and data security. Along with known security tools and services, you should consider penetration testing your cloud environment to take cloud security up a notch. In this session, you will learn about various techniques, frameworks, tools, and approaches to perform offensive exploitation of cloud infrastructure. You will get an insight and understand how to conduct reconnaissance to identify vulnerable services, find misconfigurations and insecure configurations for various components, and how adversaries could use these vulnerabilities to gain unauthorized access. Additionally, you will learn about common attack vectors that attackers use to compromise cloud environments and how to protect yourself against them.