System and method for evaluating active backups using penetration testing

The invention claimed is: 1 . A method for evaluating a production system by testing a live mirror image of the production system on a testing computer, the method comprising: creating a live mirror system as a copy of the production system on a testing computer; obtaining a mirror update comprising one or more changes to the production system since the generation of a previous mirror update; replicating a set of files or other data units associated with the mirror update on the testing computer to apply to the live mirror system; running a set of automatic dynamic tests on the testing computer to evaluate the live mirror system; generating a list of results of execution of each of the tests on the testing computer, wherein the list of results is indicative of at least one vulnerability or defect; and saving the list of results to a computer memory or communicating it to a user, wherein at least one of: obtaining the mirror update is stopped before the running the set of dynamic automatic tests on the live mirror system on the testing computer starts, replicating the set of files is stopped before the running the set of dynamic automatic tests on the live mirror system on the testing computer starts, or applying the set of files to the live mirror system is stopped before the running the set of dynamic automatic tests on the live mirror system on the testing computer starts. 2 . The method of claim 1 , wherein the production system is at least one of a virtual machine, a container, a scripting engine, or a web server. 3 . The method of claim 1 , wherein obtaining the mirror update comprises using a file synchronization system with a shadow copy method to detect changes to the files on the production system. 4 . The method of claim 1 , wherein obtaining a mirror update comprises using database mirroring or a replication functionality on the production system. 5 . The method of claim 1 , wherein obtaining a mirror update is performed by an external system. 6 . The method of claim 1 , wherein the live mirror system is created when the production system is live. 7 . The method of claim 1 , wherein at least one of: obtaining the mirror update continues while the running the set of dynamic automatic tests on the testing computer executes, replicating the set of files continues while the running the set of dynamic automatic tests on the testing computer executes, or applying the set of files to the live mirror system continues while the running the set of dynamic automatic tests on the testing computer executes. 8 . The method of claim 1 , wherein at least one of: obtaining the mirror update resumes after the running the test of dynamic automatic tests on the live mirror system on the testing computer has finished, replicating the set of files resumes after the running the test of dynamic automatic tests on the live mirror system on the testing computer has finished, or applying the set of files to the live mirror system resumes after the running the test of dynamic automatic tests on the live mirror system on the testing computer has finished. 9 . The method of claim 1 , further comprising: creating a full backup of the production system or an incremental backup of the production system; and applying the full backup or the incremental backup to the live mirror system on the testing computer. 10 . The method of claim 1 , further comprising delivering the list of results to a user by at least one of: sending an electronic communication; displaying on a display unit of user's computer; printing in a print media; or publishing in electronic media. 11 . The method of claim 1 , wherein the running the set of dynamic automatic tests is implemented by an automated dynamic testing system having a local testing agent installed onto the testing system before dynamic automatic testing is performed. 12 . The method of claim 1 further comprising: comparing a current list of results with a list of results corresponding to one or more previous backups of the production system; identifying at least one differentiating factor indicative of a vulnerability; and communicating the at least one differentiating factor to a user. 13 . The method of claim 1 further comprising: tracking at least one emerging new threat or vulnerability as detected by threat intelligence; and revising the set of dynamic automatic tests for testing the live mirror system on the testing computer. 14 . A system for evaluating a production system by testing a live mirror image of the production system, the system comprising: a testing computer configured to run a live copy of the production system as a live mirror system; a mirror update transporter configured to obtain a mirror update comprising changes to the live production system that occurred since a previous mirror update, and to deliver the mirror update to the testing computer to create a near real-time copy of the production system on the live mirror system; a mounting module configured to apply the mirror update to the live mirror system; a testing module configured to: run a set of dynamic automatic tests against the live mirror system on the testing computer to evaluate the production system for at least one vulnerability or defect, and generate a list of results of execution of the set of tests on the testing computer, wherein the list of results is indicative of the at least one vulnerability or defect, save the list of results in computer memory or communicate it to a user, wherein at least one of: obtaining the mirror update is stopped before the running the set of dynamic automatic tests on the live mirror system on the testing computer starts, replicating a set of files associated with the live mirror update is stopped before the running the set of dynamic automatic tests on the live mirror system on the testing computer starts, or applying mirror update to the live mirror system is stopped before the running the set of dynamic automatic tests on the live mirror system on the testing computer starts. 15 . The system of claim 14 , further comprising: a mirror update backup generator configured to generate the mirror update. 16 . The system of claim 14 , wherein the production system is at least one of a virtual machine, a virtual environment, a container, a scripting engine, or a web server. 17 . The system of claim 14 , further comprising: a communication module to deliver the list of results to a user by: sending an electronic communication; displaying on a display unit of a user's computer; printing in a print media; or publishing in electronic media. 18 . The system of claim 14 , wherein the testing module is further configured to collect the list of results from each iteration of the testing against the live mirror system and store the list of results from each iteration of the testing for analysis. 19 . The system of claim 14 , further comprising: a communication module configured to: compare a current list of results with a list of results corresponding to one or more previous backups of the production system; identify at least one differentiating factor indicative of a vulnerability; and communicate the at least one differentiating factor to a user. 20 . The method of claim 1 , wherein replicating a set of files or other data units associated with the mirror update comprises enumerating one or more newly created files or currently-running processes since a last evaluation.