Enterprises are looking to secure their networks, web properties and applications against vulnerabilities, and they are hiring ethical hackers to penetrate their infrastructure and discover holes. Public cloud (e.g. AWS or Google) is an excellent candidate for building pentesting environments at scale, but it lacks some key functionality. Ravello's Security Smart Lab on AWS and Google overcomes these drawbacks and enables the creation of high-fidelity production environment replicas that can be used for effective penetration testing.
With many enterprise breaches fresh in memory, CISOs are focusing on coordinating incident detection and response across networks, hosts, threat intelligence, and user behavior monitoring. They want their enterprise environments to be breach-proof and their workforce fully trained and capable of thwarting any security incident. Penetration testing, or ethical hacking, of their network, web and application environments to discover ‘holes’ before a malicious hacker does is their top priority.
While the goal is clear, the execution presents a challenge. Enterprises are wary of penetration testing on their production infrastructure, worried that it may impact their business. To avoid this risk, they try to recreate in-house, in their own datacenters, a mock setup that mimics their production infrastructure, and use it for penetration testing. However, the amount of resources needed to build a realistic representation of the production environment at scale typically prevents this mock setup from being effective for network, web or application penetration testing.
Cloud presents an interesting alternative when it comes to building at scale. Using public clouds such as AWS, Google or Azure, one can build replicas of enterprise environments that mimic real-world scale, but they are still far from being a realistic representation of the datacenter-based enterprise. AWS penetration testing enthusiasts typically run into the following challenges:
Even if one were to proceed with penetration testing on public cloud despite these drawbacks, one would still not be able to perform an integrated scan of compute instances for vulnerabilities, compliance violations, and advanced threats. Public cloud providers typically block such a scan because it can put compute instances used by other customers at risk. Further, AWS requires one to request permission for vulnerability and penetration testing ahead of time.
Ravello’s Security Smart Lab on AWS & Google cloud overcomes these limitations. It enables organizations to create effective environments for application or web pentesting on AWS & Google cloud. Here’s how Ravello’s Security Smart Lab overcomes the challenges –
These capabilities make Ravello Security Smart Lab an ideal environment for ethical hacking and penetration testing without risking the business. Using Ravello, AWS pentesting enthusiasts can get the best of both datacenter capabilities and public cloud benefits (scale, cost-economics, on-demand capacity) in one unique service.