# Standards — Cloud Infrastructure Penetration Testing ## Cloud Provider Policies - AWS: https://aws.amazon.com/security/penetration-testing/ - Azure: https://learn.microsoft.com/en-us/azure/security/fundamentals/pen-testing - GCP: https://cloud.google.com/terms/aup ## Frameworks - CIS Benchmarks for AWS/Azure/GCP - NIST SP 800-144: Guidelines on Security and Privacy in Public Cloud Computing - CSA Cloud Controls Matrix (CCM) - MITRE ATT&CK Cloud Matrix: https://attack.mitre.org/matrices/enterprise/cloud/