security-concerns

10 Useful Cloud Security Tools: Part 2

10 Useful Cloud Security Tools: Part 2

Cloud services like Amazon Elastic Cloud and IBM SmartCloud are revolutionizing the way IT organizations deal with online infrastructure. There are many benefits to cloud computing, but there are also serious security concerns. Yesterday, I revealed 5 helpful tools for enhancing cloud security.

Here are 5 more tools to round out my top 10 list:

Metasploit

Complied in the Ruby programming language and developed by H.D. Moore, Metasploit framework has made significant contributions to the pen testing tools community. It gives you the capability of adding your own modules. By default, Metasploit is embedded in popular pen testing distributions with a streamlined user interface.

It can pen test with just an IP address. Therefore, if you have your data on the cloud then all you need is your actual cloud IP address to test security. Just be sure that the IP you are using actually belong to your assets, because in many cases vendors will change IP addresses. If you are using cloud services from Amazon, then using Metasploit Pro will provide you with additional Amazon Machine Images. You can install the available Metasploit package on Amazon EC2 like other packages and run it normally. You cannot receive updates until you get it registered, though.

Nessus

Nessus is an open source, comprehensive vulnerability scanner developed by Tenable Network Security, and has the designation of being the most popular vulnerability assessment tool. In its most recent update in March, it added cloud management and multi support through the Nessus Perimeter Service.

This scanner is capable of controlling internal and external scanners through the cloud. According to Ron Gula, CEO of Tenable Network Security, the multi-scanning management capability will allow users to benefit from the robust capabilities of Nessus to manage internal and external scanners from a single point, which will save time and resources.

Nmap

Nmap stands for “Network Mapper”; this tool is the gold standard for network scanning. Originally written by Gordon Lyon (Fyodor Vaskovich), it is a must have in any pen testers arsenal. Use it to scan networks, even if congestion or latency has been occurring on these networks.

Nmap can be effectively used for scanning cloud networks. The only condition is that your cloud network is on an OS supported by Nmap. These include Unix, Linux, Solaris, Windows, Mac, OS X, BSD and some other environments. Also, you would want to scan your original IP instead of that hidden behind NAT or firewalls. Be sure to have permission from the IaaS provider before scanning the networks, because it is prohibited to scan without authenticity, for obvious reasons.

Kismet

Freely distributed as an open source program, Kismet uses 802.11 standard layer 2 tools which can be used for packet sniffing, network detection and also as an intrusion detection system. It supports any wireless card which is capable of raw monitoring.

Kismet is capable of scanning public, private or hybrid cloud servers. Its distinguishing feature is that it leaves no logs of scans done in victim machines. It accomplishes this by working passively and sending no traceable packets to the victim network. Due to stealth functionality, it is the most widely used wireless scanning tool to date. On a cloud server, Kismet can be used for preventing any active wireless sniffing programs like Netstumbler through its IDS capability. Kismet supports channel hopping that aids it in finding as many networks as possible through non sequential functioning.

Wireshark

Wireshark has been around for ages and has proven to be an excellent cloud monitoring tool. Although it can help network administrators in scanning enterprise networks, it cannot be used as a stand-alone tool in large environments like cloud servers. In cloud networks, Wireshark is used for scanning a single entity of the whole infrastructure. It can be aided by other tools, or multiple instances can run to serve the purpose.

Wireshark can apply to the cloud the same way it applies to any home network. It is used for troubleshooting network issues by digging through the weeds of the network. Wireshark can also be applied for analyzing packets between cloud service provider and the end user. But as Wireshark is basically a desktop based network monitoring tool, QA Café has developed “CloudShark” for making captured files accessible on cloud environments.

On Conclusion

Traditional network monitoring tools are now being used as cloud performance monitoring tools. This is due to the fact that the cloud is also a network with larger boundaries and more complications than standard networks. Today, organizations can buy an online service by instantiating any image service on the cloud. Cloud computing has emerged as a pay-as-you-go service, which organizations can use without having to go deeper into the details how cloud infrastructure works.

As cloud networks are providing more and more to IT services, its security has been a chief concern for most customers. For ensuring security and privacy of your data, there are tools and methodologies through which you can pen test your cloud provider. Using the aforementioned tools will enhance reliability in cloud service.

By Chetan Soni

Cloud Syndicate

The ‘Cloud Syndicate’ is a mix of short term guest contributors, curated resources and syndication partners covering a variety of interesting technology related topics.

Contact us for syndication details on how to connect your technology article or news feed to our syndication network.

Long term thought leadership contributors will not show up under the ‘Cloud Syndicate’ section as they will receive their own custom profile on CloudTweaks.

CONTRIBUTORS

Survey: 87% of Businesses Are Confident About Cybersecurity

Survey: 87% of Businesses Are Confident About Cybersecurity

Businesses Confident About Cybersecurity In a year that has seen multiple massive data breaches and troubling cyberattacks, a new survey ...
The Return of the CIO

The Return of the CIO

Not long ago pundits were writing the obituary for CIO’s. They were becoming as archaic as the VP’s of Electricity ...
The Cloud Isn’t a Security Issue; It’s a Security Opportunity

The Cloud Isn’t a Security Issue; It’s a Security Opportunity

Security Issue In order to stay ahead in today’s competitive business landscape, companies need to constantly innovate. Development teams must ...
Reduce Digital Printing Costs

3 Ways To Reduce Digital Printing Costs

Reduce Digital Printing Costs For many organizations, office printing is one of the top expense categories — yet many companies ...
Data as a Service

Data as a Service: 5 Strategies to Transition How You Access Data

Data as a Service Information wants to be free — at least that’s the saying. And like any good saying, ...
Making Enterprise IT Affordable for Small Businesses with the Cloud

Making Enterprise IT Affordable for Small Businesses with the Cloud

Making Enterprise IT Affordable Recent advancements in cloud technology have made enterprise IT services, like DNS management, a reality for ...
legacy

Experts Believe Multi-cloud Implementations Can Be Invaluable

Multi-Cloud Environment The outage this week at Amazon Web Services S3 cloud storage services has created quite a stir, with ...
Staying on Top of Your Infrastructure-as-a-Service Security Responsibilities

Staying on Top of Your Infrastructure-as-a-Service Security Responsibilities

Infrastructure-as-a-Service Security It’s no secret many organizations rely on popular cloud providers like Amazon and Microsoft for access to computing ...

NEWS

EU privacy regulators to discuss Uber hack next week

EU privacy regulators to discuss Uber hack next week

BRUSSELS (Reuters) - European Union privacy regulators will discuss ride-hailing app Uber’s [UBER.UL] massive data breach cover-up next week and ...
OVH Announces New Hosted Private Cloud Offerings for US Market

OVH Announces New Hosted Private Cloud Offerings for US Market

OVH delivers next-generation services for hosted private cloud, disaster recovery, and hybridity leveraging industry-leading solutions RESTON, VA--(Marketwired - Nov 20, ...
Cloud Security Alliance Issues New Code of Conduct for GDPR Compliance

Cloud Security Alliance Issues New Code of Conduct for GDPR Compliance

EDINBURGH, Scotland, Nov. 21, 2017 /PRNewswire-USNewswire/ -- The Cloud Security Alliance (CSA), the world's leading organization dedicated to defining and raising awareness of best practices ...

SPONSORS

What Is Really Driving Cloud Adoption?

What Is Really Driving Cloud Adoption?

Driving Cloud Adoption Cloud adoption is growing at an astounding rate, with companies big and small undergoing digital transformation towards ...
AT&T Pinpoints 4 Key Elements To Achieving Security With The Internet of Things

AT&T Pinpoints 4 Key Elements To Achieving Security With The Internet of Things

Internet of Things Security The Internet of Things (IoT) is rapidly becoming a part of many of our business processes, ...
Ransomware's Great Lessons

Ransomware’s Great Lessons

Ransomware The vision is chilling. It's another busy day. An employee arrives and logs on to the network only to ...