This content is open to everyone — sign in to save your progress, earn points, and unlock module exams.
Topic 2.7 of Cloud Threats and Attack Vectors
How APT groups exploit cloud-native services for initial access, privilege escalation, lateral movement across accounts, and data exfiltration.
By the end of this topic, you will
Quadrant 1 · e-Tutorial
Quadrant 2 · e-Content
Quadrant 3 · Web Resources
Downloadable reference material
External links
MITRE ATT&CK for Cloud
The complete MITRE ATT&CK for Cloud matrix covering IaaS, SaaS, and cloud-native tactics.
Rhino Security: AWS IAM Privilege Escalation Methods
Documented IAM privilege escalation paths with mitigation guidance.
AWS CloudTrail Event Reference
AWS CloudTrail event structure reference for forensic and detection purposes.
LAPSUS$ TTPs — CISA Advisory
CISA advisory on LAPSUS$ group cloud-specific techniques and mitigations.
Quadrant 4 · Self-Assessment
Cloud Threats, Attacks and Privacy
CSA Top 10, SSRF/IMDS, IMDSv2, EDoS, man-in-the-cloud, STRIDE, MITRE ATT&CK for Cloud, and data residency.
Cloud Security: Complete Assessment
Comprehensive 120-question assessment covering all six chapters of the Cloud Security eBook 2026.