Cloud Recon & Identity Enumeration
20%
Tenant/account discovery, IAM principal analysis, trust relationships.
Identity & Access Abuse
25%
Privilege escalation paths, role abuse, token misuse and policy weaknesses.
Data Plane & Service Misconfiguration
20%
Storage exposure, compute metadata abuse, serverless/container weaknesses.
Hybrid/Control Plane Attack Paths
20%
Federation, CI/CD, key management, conditional access and cross-service chaining.
Detection, Reporting & Remediation Priorities
15%
Cloud-native logging evidence, business impact, prioritized fixes.