Cloud security is a shared responsibility between cloud service providers (CSPs) and users. CSPs must maintain high levels of security to retain client trust, while users are responsible for security at lower levels where they have control. Cloud-based testing raises specific security concerns, including insider access, communication with cloud services, data sharing on servers, and virtual instance recycling. Leaked development information can reveal vulnerabilities and compromise test data, which is equally sensitive as source code. However, cloud-based testing is a practical necessity, especially for virtualized and microservices-based applications, and provides economic benefits through reduced overhead and maintenance costs. A good cloud-based testing service can implement measures to provide high levels of security, such as single-use virtual machines and Transport Layer Security encryption.