Virtualization Technology News and Information
Ravello Enables Security Sandboxing for Penetration Testing, Malware Testing and Threat Simulation on Public Clouds
Ravello Systems, the leaders in nested virtualization, today unveiled a new way to run security sandboxes in fully isolated capsules on leading public clouds. Using Ravello, enterprises and ISVs can create high-fidelity copies of their data centers on Amazon Web Services (AWS) and Google Cloud, and run their security tests in the cloud. In addition, enterprises can also save custom security testing environments as blueprints for rapid sandboxes that are deployed in the cloud.

Best practices to limit vulnerabilities suggest that enterprises run penetration testing and threat simulations several times a year. Ravello makes it easy to recreate the data center environment with existing virtual appliances and hypervisors, such as VMware ESXi and KVM on AWS and Google Cloud. Ravello's built-in encapsulation and isolation enables scalable and safe malware testing, DDoS testing, threat simulation and everything a normal penetration test would: reconnaissance, vulnerability assessment, vulnerability exploitation and post-exploitation -- on-demand in the public cloud.

"With Ravello Systems' ability to run various types of hypervisors in their multi-cloud, multi-tenant virtualization environment, we can now provide our customers access to their own mini VMware data center inside AWS, running vArmour DSS Distributed Security System," said Matt Ebben, Director of Worldwide Systems Engineering at vArmour.

Ravello enables full Layer 2 networking between virtual machines for network traffic flow directly to network sensors, security and monitoring tools. This allows security teams in enterprises, as well as vendors developing security software, to record and analyze network packets for monitoring, visualization and impact analysis, all within the Ravello network instance. It also keeps all test servers and infrastructure devices and related communication within the Ravello instance. Custom security test methods are sheltered from Internet cloud-based antivirus systems since Ravello's network denies outbound traffic by default.

Lee Rossey, co-founder and CTO of SimSpace, a fast-growing cyber security company, said "Ravello's unique nested virtualization and overlay networking has made it possible for us to leverage leading public clouds for delivering on-demand cyber ranges to enterprises, for the first time in the security industry".

Using Ravello technology, SimSpace is currently able to:

●       Execute malware and exploits on the cyber range while preventing leakage in the cloud;

●       Eliminate individual security exception requests from the public cloud threat analysis team for cyber range malware to avoid interpreting it as a real attack;

●       Assess impact and defender response from attacks to infrastructure devices (e.g., firewalls, routers, security tools) at ISO Layers 2 and above, which is not possible natively with AWS and Google Cloud;

●       Develop novel range-specific attacks (e.g., 0-days) in isolation from antivirus system adaption to ensure longevity for testing.

"One of the key challenges for security teams today is to stay on top of the game even when there is no attack. With Ravello technology, it is very easy to simulate attacks on life-like user environments, but inside the safety of an isolated capsule in the cloud," said Benny Schanider, co-founder and chairman of Ravello Systems. "Using our technology, security teams can save a blueprint of their environment and spin it up on-demand in the cloud, for frequent testing with full flexibility to run their own custom tests without any restrictions."

Available today, Ravello's technology is delivered as a service, with pricing starting at $0.14 per hour. A free trial is available to get started, with up to 2,880 CPU hours.

Published Thursday, October 01, 2015 3:32 PM by David Marshall
Filed under:
There are no comments for this post.
To post a comment, you must be a registered user. Registration is free and easy! Sign up now!
<October 2015>