10 Useful Cloud Security Tools: Part 2

10 Useful Cloud Security Tools: Part 2

10 Useful Cloud Security Tools: Part 2

Cloud services like Amazon Elastic Cloud and IBM SmartCloud are revolutionizing the way IT organizations deal with online infrastructure. There are many benefits to cloud computing, but there are also serious security concerns. Yesterday, I revealed 5 helpful tools for enhancing cloud security.

Here are 5 more tools to round out my top 10 list:

Metasploit

metasploit

Complied in the Ruby programming language and developed by H.D. Moore, Metasploit framework has made significant contributions to the pen testing tools community. It gives you the capability of adding your own modules. By default, Metasploit is embedded in popular pen testing distributions with a streamlined user interface.

It can pen test with just an IP address. Therefore, if you have your data on the cloud then all you need is your actual cloud IP address to test security. Just be sure that the IP you are using actually belong to your assets, because in many cases vendors will change IP addresses. If you are using cloud services from Amazon, then using Metasploit Pro will provide you with additional Amazon Machine Images. You can install the available Metasploit package on Amazon EC2 like other packages and run it normally. You cannot receive updates until you get it registered, though.

Nessus

Nessus is an open source, comprehensive vulnerability scanner developed by Tenable Network Security, and has the designation of being the most popular vulnerability assessment tool. In its most recent update in March, it added cloud management and multi support through the Nessus Perimeter Service.

infographic-host-cloud

This scanner is capable of controlling internal and external scanners through the cloud. According to Ron Gula, CEO of Tenable Network Security, the multi-scanning management capability will allow users to benefit from the robust capabilities of Nessus to manage internal and external scanners from a single point, which will save time and resources.

Nmap

Nmap stands for “Network Mapper”; this tool is the gold standard for network scanning. Originally written by Gordon Lyon (Fyodor Vaskovich), it is a must have in any pen testers arsenal. Use it to scan networks, even if congestion or latency has been occurring on these networks.

Nmap can be effectively used for scanning cloud networks. The only condition is that your cloud network is on an OS supported by Nmap. These include Unix, Linux, Solaris, Windows, Mac, OS X, BSD and some other environments. Also, you would want to scan your original IP instead of that hidden behind NAT or firewalls. Be sure to have permission from the IaaS provider before scanning the networks, because it is prohibited to scan without authenticity, for obvious reasons.

Kismet

Freely distributed as an open source program, Kismet uses 802.11 standard layer 2 tools which can be used for packet sniffing, network detection and also as an intrusion detection system. It supports any wireless card which is capable of raw monitoring.

Kismet is capable of scanning public, private or hybrid cloud servers. Its distinguishing feature is that it leaves no logs of scans done in victim machines. It accomplishes this by working passively and sending no traceable packets to the victim network. Due to stealth functionality, it is the most widely used wireless scanning tool to date. On a cloud server, Kismet can be used for preventing any active wireless sniffing programs like Netstumbler through its IDS capability. Kismet supports channel hopping that aids it in finding as many networks as possible through non sequential functioning.

Wireshark

Wireshark has been around for ages and has proven to be an excellent cloud monitoring tool. Although it can help network administrators in scanning enterprise networks, it cannot be used as a stand-alone tool in large environments like cloud servers. In cloud networks, Wireshark is used for scanning a single entity of the whole infrastructure. It can be aided by other tools, or multiple instances can run to serve the purpose.

Wireshark can apply to the cloud the same way it applies to any home network. It is used for troubleshooting network issues by digging through the weeds of the network. Wireshark can also be applied for analyzing packets between cloud service provider and the end user. But as Wireshark is basically a desktop based network monitoring tool, QA Café has developed “CloudShark” for making captured files accessible on cloud environments.

On Conclusion

Traditional network monitoring tools are now being used as cloud monitoring tools. This is due to the fact that the cloud is also a network with larger boundaries and more complications than standard networks. Today, organizations can buy an online service by instantiating any image service on the cloud. Cloud computing has emerged as a pay-as-you-go service, which organizations can use without having to go deeper into the details how cloud infrastructure works.

As cloud networks are providing more and more to IT services, its security has been a chief concern for most customers. For ensuring security and privacy of your data, there are tools and methodologies through which you can pen test your cloud provider. Using the aforementioned tools will enhance reliability in cloud service.

By Chetan Soni

Sorry, comments are closed for this post.

Comic
Micro-segmentation – Protecting Advanced Threats Within The Perimeter

Micro-segmentation – Protecting Advanced Threats Within The Perimeter

Micro-segmentation Changing with the times is frequently overlooked when it comes to data center security. The technology powering today’s networks has become increasingly dynamic, but most data center admins still employ archaic security measures to protect their network. These traditional security methods just don’t stand a chance against today’s sophisticated attacks. That hasn’t stopped organizations…

Connecting With Customers In The Cloud

Connecting With Customers In The Cloud

Customers in the Cloud Global enterprises in every industry are increasingly turning to cloud-based innovators like Salesforce, ServiceNow, WorkDay and Aria, to handle critical systems like billing, IT services, HCM and CRM. One need look no further than Salesforce’s and Amazon’s most recent earnings report, to see this indeed is not a passing fad, but…

Using Cloud Technology In The Education Industry

Using Cloud Technology In The Education Industry

Education Tech and the Cloud Arguably one of society’s most important functions, teaching can still seem antiquated at times. Many schools still function similarly to how they did five or 10 years ago, which is surprising considering the amount of technical innovation we’ve seen in the past decade. Education is an industry ripe for innovation…

Virtual Immersion And The Extension/Expansion Of Virtual Reality

Virtual Immersion And The Extension/Expansion Of Virtual Reality

Virtual Immersion And Virtual Reality This is a term I created (Virtual Immersion). Ah…the sweet smell of Virtual Immersion Success! Virtual Immersion© (VI) an extension/expansion of Virtual Reality to include the senses beyond visual and auditory. Years ago there was a television commercial for a bathing product called Calgon. The tagline of the commercial was Calgon…

How Formal Verification Can Thwart Change-Induced Network Outages and Breaches

How Formal Verification Can Thwart Change-Induced Network Outages and Breaches

How Formal Verification Can Thwart  Breaches Formal verification is not a new concept. In a nutshell, the process uses sophisticated math to prove or disprove whether a system achieves its desired functional specifications. It is employed by organizations that build products that absolutely cannot fail. One of the reasons NASA rovers are still roaming Mars…

HOW THE CFAA RULING AFFECTS INDIVIDUALS AND PASSWORD-SHARING

HOW THE CFAA RULING AFFECTS INDIVIDUALS AND PASSWORD-SHARING

Individuals and Password-Sharing With the 1980s came the explosion of computing. In 1980, the Commodore ushered in the advent of home computing. Time magazine declared 1982 was “The Year of the Computer.” By 1983, there were an estimated 10 million personal computers in the United States alone. As soon as computers became popular, the federal government…

Don’t Be Intimidated By Data Governance

Don’t Be Intimidated By Data Governance

Data Governance Data governance, the understanding of the raw data of an organization is an area IT departments have historically viewed as a lose-lose proposition. Not doing anything means organizations run the risk of data loss, data breaches and data anarchy – no control, no oversight – the Wild West with IT is just hoping…

Cloud-based GRC Intelligence Supports Better Business Performance

Cloud-based GRC Intelligence Supports Better Business Performance

Cloud-based GRC Intelligence All businesses need a strategy and processes for governance, risk and compliance (GRC). Many still view GRC activity as a burdensome ‘must-do,’ approaching it reactively and managing it with non-specialized tools. GRC is a necessary business endeavor but it can be elevated from a cost drain to a value-add activity. By integrating…

Disaster Recovery – A Thing Of The Past!

Disaster Recovery – A Thing Of The Past!

Disaster Recovery  Ok, ok – I understand most of you are saying disaster recovery (DR) is still a critical aspect of running any type of operations. After all – we need to secure our future operations in case of disaster. Sure – that is still the case but things are changing – fast. There are…

The Future Of Work: What Cloud Technology Has Allowed Us To Do Better

The Future Of Work: What Cloud Technology Has Allowed Us To Do Better

What Cloud Technology Has Allowed Us to Do Better The cloud has made our working lives easier, with everything from virtually unlimited email storage to access-from-anywhere enterprise resource planning (ERP) systems. It’s no wonder the 2013 cloud computing research IDG survey revealed at least 84 percent of the companies surveyed run at least one cloud-based application.…

Big Data and Financial Services – Security Threat or Massive Opportunity?

Big Data and Financial Services – Security Threat or Massive Opportunity?

Big Data and Financial Services Cloud Banking Insights Series focuses on big data in the financial services industry and whether it is a security threat or actually a massive opportunity. How does big data fit into an overall cloud strategy? Most FI’s have a positive mind-set towards cloud IT consumption as it not only enables…

Consequences Of Combining Off Premise Cloud Storage and Corporate Data

Consequences Of Combining Off Premise Cloud Storage and Corporate Data

Off Premise Corporate Data Storage Cloud storage is a broad term. It can encompass anything from on premise solutions, to file storage, disaster recovery and off premise options. To narrow the scope, I’ve dedicated the focus of today’s discussion to the more popular cloud storage services—such as Dropbox, Box, OneDrive—which are also known as hosted,…

Will Your Internet of Things Device Testify Against You?

Will Your Internet of Things Device Testify Against You?

Will Your Internet of Things Device Testify Imagine this:  Your wearable device is subpoenaed to testify against you.  You were driving when you were over the legal alcohol limit and data from a smart Breathalyzer device is used against you. Some might argue that such a use case could potentially safeguard society. However, it poses…

The Rise Of BI Data And How To Use It Effectively

The Rise Of BI Data And How To Use It Effectively

The Rise of BI Data Every few years, a new concept or technological development is introduced that drastically improves the business world as a whole. In 1983, the first commercially handheld mobile phone debuted and provided workers with an unprecedented amount of availability, leading to more productivity and profits. More recently, the Cloud has taken…

Battle of the Clouds: Multi-Instance vs. Multi-Tenant

Battle of the Clouds: Multi-Instance vs. Multi-Tenant

Multi-Instance vs. Multi-Tenant The cloud is part of everything we do. It’s always there backing up our data, pictures, and videos. To many, the cloud is considered to be a newer technology. However, cloud services actually got their start in the late 90s when large companies used it as a way to centralize computing, storage,…

Infographic: 9 Things To Know About Business Intelligence (BI) Software

Infographic: 9 Things To Know About Business Intelligence (BI) Software

Business Intelligence (BI) Software  How does your company track its data? It’s a valuable resource—so much so that it’s known as Business Intelligence, or BI. But using it, integrating it into your daily processes, that can be significantly difficult. That’s why there’s software to help. But when it comes to software, there are lots of…

Cukes and the Cloud

Cukes and the Cloud

The Cloud, through bringing vast processing power to bear inexpensively, is enabling artificial intelligence. But, don’t think Skynet and the Terminator. Think cucumbers! Artificial Intelligence (A.I.) conjures up the images of vast cool intellects bent on our destruction or at best ignoring us the way we ignore ants. Reality is a lot different and much…

Ransomware’s Great Lessons

Ransomware’s Great Lessons

Ransomware The vision is chilling. It’s another busy day. An employee arrives and logs on to the network only to be confronted by a locked screen displaying a simple message: “Your files have been captured and encrypted. To release them, you must pay.” Ransomware has grown recently to become one of the primary threats to…

InformationWeek Reveals Top 125 Vendors Taking the Technology Industry by Storm

InformationWeek Reveals Top 125 Vendors Taking the Technology Industry by Storm

InformationWeek Reveals Top 125 Vendors Five-part series details companies to watch across five essential technology sectors SAN FRANCISCO, Sept. 27, 2016 /PRNewswire/ — InformationWeek released its list of “125 Vendors to Watch” in 2017. Selected by InformationWeek’s expert editorial team, the companies listed fall into one of five key themes: infrastructure, security, cloud, data management and…