Amazon EC2 Copy AMI and Snapshot: CloudyScripts updated

The SecludIT Team is proud to announce that CloudyScripts collection of tools to manage and automate Clouds Infrastructure Copy AMI and Copy Snapshot for Amazon EC2 have been improved. Copy AMI from one region to another After our users’ request in order to support Amazon EC2 Linux AMIs (pre-configured, templated image to get up and…

New CloudyScript: Security Audit via SSH

We are glad to announce a new CloudyScript Security Audit via SSH which makes a Security Audit of an Amazon EC2 AMI. It requires a privileged user that can perform sudo. Security Auditing is very important in cloud computing infrastructures where virtual machine images (AMI in the case of Amazon) could be shared among users.…

How to increase security and visibility of Amazon EC2 instances?

Amazon EC2 administrators have to deal with daily problems such as: Ensuring security of new instances, Detecting performance and capacity problems, Keeping track of the modifications on the infrastructure. We would like to provide you some insights in our solution to address those problems and to facilitate the life of cloud-administrators by detecting security related…

Amazon Security Groups: VPC vs EC2

Amazon has updated Security Groups for Amazon VPC Earlier  in April, while adding support for Security Groups within Amazon VPC, Amazon also introduced some major changes such as: outbound filtering fine grained IP protocol tuning ability to apply changes in a one fell swoop But I found very interesting the fact that we can now…

CloudyScripts Supports New Amazon EC2 Region: Asia Pacific (Tokyo)

Amazon announces that a new AWS Region in Tokyo is supported (see AWS blogpost for more information). CloudyScripts WebSite CloudyScripts has been updated in order to support this new AWS Region. This AWS Region is available in all the following CloudyScripts: Convert Instance-store AMI To EBS-booted AMI: Takes an instance-store AMI, instantiates it, copies the boot-data to…

Amazon EC2 ‘broad character’ support and Security impact on third party tools such as Elastic Detector

The goal of this document is to enlighten security issues on third party tools that come from some features of the Amazon EC2 console. We are going to explain two security threats, a XSS (cross site scripting), and a command injection, using a second party tool as injection’s vector. Taking our own product Elastic Detector…