New tools protect your AWS infrastructure

Rhino Security and Amazon offer tools to improve visibility into your AWS cloud environments, making it easier to find configuration errors and vulnerabilities.

Become An Insider

Sign up now and get FREE access to hundreds of Insider articles, guides, reviews, interviews, blogs, and other premium content. Learn more.

Properly testing your virtual infrastructure has been an issue almost since there were virtual machines (VMs) and Amazon’s Web Services (AWS). Lately, the tool sets have gotten better.

Part of the problem is that to adequately test your AWS installation, you need to know a lot about how it is constructed. You have to draw on typical vulnerabilities and attack methods, as well as understand the relationships among your various VMs and network components. That is a lot of knowledge, and if your developers are busy building stuff, they don’t want to devote much time to explaining how all the components are put together.  

Another part of the problem is that most penetration tests focus on on-premise applications, where the environments are more carefully defined and stable. An AWS configuration is more ephemeral, where CPUs can come and go, and storage blocks are created and destroyed in the blink of an eye. And “no one wants to test new attack techniques against their own professional environment,” as this post from Rhino Security starts out.

Last year, Skyhigh Networks found that 7 percent of all AWS S3 buckets were exposed to the overall Internet. Worse, a third of these public buckets were unencrypted, making it almost child’s play to review the data contained in them. 

To continue reading this article register now

SUBSCRIBE! Get the best of CSO delivered to your email inbox.