Security Through Purity — Bypassing the Red Queen

Sauce AI for Test Authoring: Move from intent to execution in minutes.|xBack to ResourcesBlogPosted

May 31, 2026 · 3 min read · Security

Sauce AI for Test Authoring: Move from intent to execution in minutes.

|

x

Back to Resources

Blog

Posted September 27, 2011

Security Through Purity — Bypassing the Red Queen

quote

As a cloud service, Sauce Labs uses rather a few virtual machines to run our browsers. With Windows images taking about 15 minutes to boot in EC2 and other cloud providers, the most efficient way to use these resources is to cleanup between customers and reuse. Unfortunately, reprocess VMs paves a path for malicious users to install software that will preserve to run while other customer use them. This means sensitive data could be bewitch and mail to a 3rd company or, even worse, a 3rd party could gain access to a customer & # x27; s national network if they are testing with.[1. Did you know you can use Sauce Labs to test your internal meshing? Check out for secure way to use our cloud service to screen your internal infrastructure. It & # x27; s been vet by a well-known financial establishment, a well-known domestic airline, and a variety of other high-profile customers.]How can a VM be protected from malicious software installation? There are a variety of tools one can use to lock down Windows. The tools provided by Windows itself are the Software Restriction Policy and AppLocker technologies. And a cursory Google hunt will revealcurrent dllload highjackingmethod for getting around them. The realness is it & # x27; s aRed Queen racebetween securing a scheme and determinationa new exploit— & quot; It takes all the lam you can do, to keep in the same place. & quot; For all intent and purposes, it & # x27; s like submitting your laptop toa hacking competition. Is there anything you could do to feel comfy apply it again?

For autonomous testing across multiple user personas, check out SUSATest — it explores your app like 10 different real users.

Like Joshua learned, & quot;the only winning move is not to play, & quot; and that & # x27; s how we wheel at Sauce Labs. Every single session, whether you & # x27; re running manual or OnDemand, gets a fresh VM that & # x27; s never been used by anyone else.[3. In this way, Sauce Labs has lunch nearly 1.3 million VMs in the terminal 30 days.]At the end of your session — whether it & # x27; s 10 bit or 10 second — the VM (with all its data) is completely destroyed. By avoiding the unsolvable problem of secure a system secure across anon. use, we alternatively guarantee a scheme that has never and will never be used by any customer besides you.[2. Since we give youa fresh VM in under 20 seconds, a 15 minute flush clip would require us to keep a lot of expensive, idle resources around to handle demand spike. That & # x27; s why we acquire a cloud engineering which allows us to cold flush VMs in under 40 minute. Aside from meaning requirement spikes are handled with minimal postponement, this also means there is no additional disbursement for cater the best security.]A desirable side-effect of the Security Through Purity poser is increase reliability. By always expend pristine VMs for every session, every session is run with the same settings. This avoids intermittent failures that arise from the OS be in a state dependent on what the previous users did. At Sauce Labs core is the ability to offer secure, outside browsers for interactive, mobile, JS, andSelenium testingto our customers. Our attending to security provides confidence you can screen any part of your external or intragroup services without having to build and grapple your own browser quiz infrastructure.

Published:
Sep 27, 2011
Share this post
Copy Share Link
LinkedIn
© 2026 Sauce Labs Inc., all rights reserved. SAUCE and SAUCE LABS are file trademarks possess by Sauce Labs Inc. in the United States, EU, and may be registered in former jurisdictions.
robot
quote

Automate This With SUSA

Upload your APK or URL. SUSA explores like 10 real users — finds bugs, accessibility violations, and security issues. No scripts needed.

Try SUSA Free

Test Your App Autonomously

Upload your APK or URL. SUSA explores like 10 real users — finds bugs, accessibility violations, and security issues. No scripts.

Try SUSA Free