Recent AWS Customer Success Stories & Videos

More AWS Customer Success Stories...

« Use Your Own Kernel with Amazon EC2 | Main | Vamos falar sobre computação na núvem no Brasil - Let's talk about Cloud Computing in Brazil - August 2010 »

TrackBack

TrackBack URL for this entry:
http://www.typepad.com/services/trackback/6a00d8341c534853ef0134859ede63970c

Listed below are links to weblogs that reference What's New in AWS Security: Vulnerability Reporting and Penetration Testing:

Comments

Feed You can follow this conversation by subscribing to the comment feed for this post.

Shlomo Swidler

Steve,

"...we won't respond to your testing as if your instances were under attack."

So how do I test my application to see how it will really behave if it was under attack? AWS's DDoS and attack mitigation are a part of my application delivery path and I want to test the real thing as well, not just my application "naked" to the internet with AWS's stuff turned off - though I will test that, too.

If I specify in my penetration testing request that I want AWS to leave in place its attack responses, will you honor that request?

Thanks.

Account Deleted

Good question, Shlomo. We’re honored that you trust our incident response procedures enough to account for them in your development. However, we can’t allow random on-demand testing of that because, as I’m sure you’d understand, it would place undue burden on our personnel -- which could prevent them from responding real attacks that need addressed.

The comments to this entry are closed.

Featured Events

The AWS Report


Brought to You By

Jeff Barr (@jeffbarr):



Jinesh Varia (@jinman):


Email Subscription

Enter your email address:

Delivered by FeedBurner

April 2014

Sun Mon Tue Wed Thu Fri Sat
    1 2 3 4 5
6 7 8 9 10 11 12
13 14 15 16 17 18 19
20 21 22 23 24 25 26
27 28 29 30