Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cloud Security

New Solution Tests Security of Amazon Web Services Cloud Deployments

At the Cloud Computing Expo taking place this week in New York City, Core Security Technologies launched a software-as-a-service (SaaS) based security testing solution for Amazon Web Services (AWS) environments. The service, dubbed Core CloudInspect™ is an automated security testing solution that delivers on-demand intelligence and helps identify exploitable vulnerabilities in systems and web applications while verifying the security of AWS cloud instances.

At the Cloud Computing Expo taking place this week in New York City, Core Security Technologies launched a software-as-a-service (SaaS) based security testing solution for Amazon Web Services (AWS) environments. The service, dubbed Core CloudInspect™ is an automated security testing solution that delivers on-demand intelligence and helps identify exploitable vulnerabilities in systems and web applications while verifying the security of AWS cloud instances.

CORE Security Testing SolutionDelivered on-demand via a SaaS model, Core CloudInspect uses methods honed for over a decade in Core Security’s CORE IMPACT Pro penetration testing software. The service is backed by Core’s vulnerability research, exploit writing, and application development resources, making it a good solution for AWS administrators and operational security professionals to both evaluate systems in development and conduct repeated testing to reassess live deployments over time.

With CloudInspect, users can initiate security tests of AWS-hosted instances and Web pages by logging into the Core CloudInspect service at www.CoreCloudInspect.com, authenticate their AWS deployment, identify instances and web pages to be assessed, and initiate the test. CloudInspect then automatically tests for exploitable weaknesses and delivers a variety of reports verifying security posture and providing actionable intelligence to help users prioritize and remediate any exposures.

AWS Security Testing“Amazon Web Services believes that security is paramount and that our clients should be able to easily and independently test the security of their AWS deployments,” said Stephen Schmidt, Chief Information Security Officer for Amazon Web Services. “We are pleased that our clients can take advantage of Core CloudInspect for an independent assessment of the security of their AWS-hosted instances and applications against threats.

“Sensitive data, company reputation and customer trust can all depend on cloud-based infrastructure as much as they do on in-house IT environments. It’s therefore critical for organizations to proactively validate the security of their cloud-based systems so they can better manage the risks associated with today’s threats,” said Mark Hatton, Core Security President & CEO.

Core CloudInspect is available immediately and priced “per target” at $20 per Web application or $20 per machine instance, though to assess the security of a Web application hosted by a machine instance, the machine instance must also be included in the test. Core Security is offering 3 free tests per month for a limited time.

Written By

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Learn about active threats targeting common cloud deployments and what security teams can do to mitigate them.

Register

Join us for an in depth exploration of the critical nature of software and vendor supply chain security issues with a focus on understanding how attacks against identity infrastructure come with major cascading effects.

Register

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Vulnerabilities

Less than a week after announcing that it would suspended service indefinitely due to a conflict with an (at the time) unnamed security researcher...

Data Breaches

OpenAI has confirmed a ChatGPT data breach on the same day a security firm reported seeing the use of a component affected by an...

IoT Security

A group of seven security researchers have discovered numerous vulnerabilities in vehicles from 16 car makers, including bugs that allowed them to control car...

Vulnerabilities

A researcher at IOActive discovered that home security systems from SimpliSafe are plagued by a vulnerability that allows tech savvy burglars to remotely disable...

Risk Management

The supply chain threat is directly linked to attack surface management, but the supply chain must be known and understood before it can be...

CISO Conversations

SecurityWeek talks to Billy Spears, CISO at Teradata (a multi-cloud analytics provider), and Lea Kissner, CISO at cloud security firm Lacework.

Cybercrime

Patch Tuesday: Microsoft calls attention to a series of zero-day remote code execution attacks hitting its Office productivity suite.