Cloud Security Testing for Amazon AWS
Boost Confidence in the Cloud with Core CloudInspect Cloud Security Testing for Amazon AWS
By proactively testing your Amazon AWS instances against real-world threats, Core CloudInspect™ helps you confidently confirm whether your cloud deployments are secure.
Your company’s reputation, customer trust, intellectual property, sensitive data, and compliance status depend on your cloud-based infrastructure as much as they do on your in-house IT environment – so security was likely a key consideration when you selected Amazon AWS as your cloud provider.
While Amazon has a robust process for implementing and maintaining host system and virtualization layer security, it’s your responsibility to continuously maintain and test the security of your guest operating systems and applications running on AWS. Ensuring ongoing security in the cloud requires that you not only equip your AWS instances with defensive security controls, but also regularly assess their ability to withstand the latest data breach threats.
Validate Your Cloud Deployments with Real-World Security Intelligence
CORE CloudInspect is the first and only automated cloud security testing solution to deliver on-demand, real-world intelligence on the security readiness of your AWS instances. Using the same network and web application assessment capabilities as Core Security’s proven penetration testing solutions, CloudInspect enables you to:
- proactively verify the security of your AWS deployments against real, current attack techniques
- safely pinpoint and validate critical OS and services vulnerabilities with no false positives
- measure your susceptibility to SQL injection, cross-site scripting, and other web application attacks
- validate security controls required by PCI, HIPAA and other compliance mandates
- get actionable information necessary to apply necessary patches and code fixes
- certify systems before they go live and frequently test to reconfirm security posture over time
Quickly and Easily Verify Your Cloud Security and Gain Actionable Information to Remediate Exposures
A completely automated solution that is tightly integrated with the AWS platform, CloudInspect allows you to quickly initiate security tests of multiple AWS instances and get back to your other tasks. CloudInspect then delivers a variety of reports verifying your security posture and providing actionable intelligence to help you quickly prioritize and remediate any exposures.
- Host Report: provides details specific to machine instances tested and exploited
- Vulnerabilities Report: provides details on exploitable OS and services vulnerabilities, plus links to patches and other remediation resources
- Web Application Vulnerability Report: explains how your applications can be exploited via SQL Injection, Cross-Site Scripting, Remote File Inclusion and other attack types – and provides valuable information for code fixes
- Web Application Executive Report: presents summarized information about vulnerable web pages and how they can be exploited by real-world attackers
Keep Up With Evolving Threats with Repeatable, Updated Cloud Security Testing
Just because your machines are virtual doesn’t mean they aren’t under constant attack. The threat environment is constantly evolving as your instances and applications are updated, as new vulnerabilities are discovered, and as attackers hone their techniques. Therefore, as with your in-house infrastructure, it’s critical to proactively test the security of your cloud deployment on a regular basis. CORE CloudInspect makes it easy to frequently assess your AWS deployment against current cyber security threats.
- Easy to use by AWS administrators and IT security professionals alike
Pre-authorized by Amazon, so you can test your AWS instances on-demand and at your convenience
- Constantly updated by Core Security exploit writers and engineers, enabling you to test for the latest threats
- Repeatable since tests are automated and take only minutes to initiate
- Affordable pricing allows for frequent testing of all your instances
Trust Your Cloud Security Testing to Proven Technology from Security Testing Experts
CloudInspect is brought to you by Core Security Technologies, the leader in proactive IT security test and measurement solutions. Based on the same technology as CORE IMPACT Pro penetration testing software, CloudInspect benefits from Core Security’s world-class vulnerability research, exploit writing, and application development resources.
- Backed by over 15 years experience developing security test and measurement solutions
- Based on CORE IMPACT Pro technology currently deployed with over 1,400 customers worldwide
- Commercial-grade testing capabilities are built in-house by professional developers
- Safe for your cloud deployment since exploits are thoroughly tested to avoid system interruptions
- Comprehensive attack replication tests for thousands of vulnerabilities across multiple system configurations
- Dynamic web application testing capabilities assess the security of your custom applications