US Patent 11216563 Security assessment of virtual computing environment using logical volume image

Systems for performing a security assessment of a target computing resource, such as a virtual machine or an instance of a virtual machine, include a scanning service that facilitates duplication of all or a portion of the target computing resource, and then performs the security assessment on the duplicate computing resource to avoid consuming processing time, processing power, and storage space of the target computing resource. A snapshot of the target computing resource, containing the data necessary to reproduce the portion to be assessed, is captured and used to implement the duplicate computing resource in newly allocated resources. The snapshot can be an image of a logical volume implementing the target computing resource. To reproduce a target virtual machine, the snapshot may include a configuration used to instantiate the target virtual machine; the scanning service may implement a duplicate virtual machine that is instantiated with the same configuration.