2. Quick Company Update
Leader in real-world security test and measurement solutions –
created automated penetration testing category
1000+ customers: Industry leaders and government
– Top 3 Telecomm Companies
– Top 3 Network & Communications Equipment Companies
– 2 of 3 Top Computer Software Companies
– 2 of 3 Top Pharmaceutical Companies
– 6 of 7 Top Aerospace and Defense Companies
Explosive product growth and technology innovation
Announced this week
Page 2 - CONFIDENTIAL -
3. Cloud Security
You are responsible for your own security – just because it is
virtualized, does not mean the bad guys will not attack it
– Confidence in your provider
– Securing and testing your applications and systems
Amazon Web Services
– A leader in secure infrastructure
– Ideal partner for Core – shared goal of making customers more
secure
You must:
– Create secure applications and deployments
– Use the same security diligence as in your physical infrastructure
– Test as often as possible
Page 3
4. Case Study
Customer Profile
– Cloud-based security provider
– Built and run their entire business infrastructure in AWS
– Security savvy, and security is a top priority
Challenge:
– Want to follow security best practices for their cloud deployment
» Similar to traditional on-premise security testing
– Verify the security of their hosted applications & instances
– Institute low cost, repeatable security testing program for their AWS
instances
– Miminize human/manual time and effort
Page 4 - CONFIDENTIAL -
5. Case Study
Solution
– Core CloudInspect, the first automated security testing solution,
integrated with AWS
Benefits
– Provides easy way to make security testing part of the ongoing
deployment and maintenance process
– Automates security testing of instances
– Uses real-world attack techniques, delivers NO false positives
– Automates the test request process via IAM, thus saving human
time/effort
– Leverage 15 years of security testing technology and expertise
Regular testing should become a best practice for all cloud
deployments, with retesting after exposures are remediated
Page 5 - CONFIDENTIAL -
7. How Core CloudInspect Works
One-time set-up of CloudInspect account with Core
– Includes AWS authorization
1. Log-in
2. Select instances to test
3. Select web applications to test
4. Select reports
5. Confirm and pay
6. View progress
7. Retrieve reports
Page 7 - CONFIDENTIAL -
14. How It Works:
View progress and retrieve reports
Page 14 - CONFIDENTIAL -
15. https://www.corecloudinspect.com
AWS Customers
Test your first three instances each month for free*
Page 15 - CONFIDENTIAL -
* Limited offer for AWS customers in 2011
16. The leader in security testing introduces
The first automated security testing service for cloud environments.
• Fully automated security testing for AWS clients
• SaaS-delivered penetration testing for AWS hosted instances:
• Cloud-based machine instances
• Cloud-based web applications
• Identification of security exposures in hosted systems and applications
• Verification and validation of cloud deployed applications and systems
• Integrated and automated back-end test authorization and payment w/ AWS
On-demand security testing service for the Cloud
https://www.corecloudinspect.com
Page 16 - CONFIDENTIAL -