Tools Resources

Tags

What is your public cloud exposure? See what an attacker sees with Recon.Cloud from Panoptica

author_profile
Panoptica Security Research Team
Tuesday, Apr 5th, 2022

"What is my public exposure?”

This is a question we have heard time and time again from our customers. The Panoptica platform provides a variety of views of customers’ cloud environment – from surfacing the most critical attack paths, to lateral movements, poor configurations, to giving their teams a birds’ eye view of all their environment encapsulates – but what about a tool that only hones in on and highlights their public exposure?  

Recon.Cloud is this tool.  

The team set out on a mission to do research to understand what kind of information we could gather from the “outside,” in other words, via public information. Recon.Cloud started as a POC for our customers that had asked us what their environments looked like from the outside looking in, and it ended up revealing some interesting assets. As we yielded results and shared them with our customers, we realized that we had stumbled upon an area and perhaps the early stages of a very useful tool that could bring value to those interested in better understanding their environments’ public exposure. 

Discover your public exposure with Recon.Cloud

Recon.Cloud is a public and free AWS cloud security reconnaissance tool that will enable users to reveal publicly exposed cloud assets on any domain. There are many tools in the market that are open to users for reconnaissance efforts, but there are few that specifically scope recon efforts to look at the cloud alone. Typical recon tools provide an exhaustive list of all assets they detect – there is no scope to define the cloud assets themselves. This leaves users overwhelmed with too much information that can be difficult and time-consuming to comb through.  

With Recon.Cloud, less is more.

Recon.Cloud will be continually updated and refreshed with new features and technical capabilities to highlight risks – these will include open ports, known CVEs, and more.  

The tool is an expansion of the vision of Panoptica’s broader platform and suite of offerings. It provides practitioners with the ability to view their landscape through the lens of an attacker, to focus on what is most critical. Beyond that, it provides the response to the tactical question of how an attacker may obtain access to your internal network.  

The Panoptica Security Research Team is committed to continually providing value to our community of cloud security practitioners, our customers, and our partners, so stay tuned for added features, updates, and more free tools, coming soon!  

Try out Recon.Cloud now! 

Popup Image