Cloud Penetration Testing is similar to penetration testing in general methodology used. On Cloud testing the consultant has to have better understanding of the attack surface that your systems are exposed to. Cloud systems, whether they are infrastructure as a service (IaaS), platform as a service (PaaS), or software as a service (SaaS), are prone to security misconfigurations, weaknesses, and security threats.
Gain visibility of the security weaknesses of your cloud estate and make sure that configuration of the cloud infrastructure and applications is reviewed and assessed to business regulatory, and compliance requirements. Report produced with a summary table showing the benchmarks and whether you are following the best practice, with individual technical findings breaking the findings down in more detail, as well as detailed explanations and remediation advice.