Browse Definitions:

SearchCloudSecurity

SearchCloudSecurity.com is the Web's most comprehensive resource for cloud security news, analysis and case studies. Learn who the key players are and how they rate against each other, how the technology works, and how you consume and pay for it. Plus, access case studies of successful deployments in the cloud with explanations of new business opportunities and how to tap into them.

View the complete archive of Cloud Security news, research and expert advice.

Go to:  SearchCloudSecurity

Recently on  SearchCloudSecurity

How to effectively manage the cloud logs of security events

Cloud logs of security events produce an abundance of data. Expert Dave Shackleford discusses how to filter through it and get to the important security events.

More Highlights
Definitions
  • AWS CloudTrail

    AWS CloudTrail is an application program interface (API) call-recording and log-monitoring Web service offered by Amazon Web Services (AWS).

  • cloud access security broker (CASB)

    Cloud access security brokers (CASBs) are tools or services that enforce an organization's security policies in a public cloud environment.

  • CAIQ (Consensus Assessments Initiative Questionnaire)

    The Consensus Assessments Initiative Questionnaire (CAIQ) is a survey provided by the Cloud Security Alliance (CSA) for cloud consumers and auditors to assess the security capabilities of a cloud provider.

Browse CloudSecurity Topics

Compliance and Governance

Learn how to maintain cloud computing compliance with government regulations and industry standards when moving IT operations and applications to a cloud environment. Also learn about cloud audit procedures, data governance for the cloud and other cloud computing management topics involving security.

Recent Definitions

  • cloud computing

    Cloud computing is a general term for the delivery of hosted services over the internet. These services are broadly divided into three categories: IaaS, PaaS and SaaS.

  • cloud access security broker (CASB)

    Cloud access security brokers (CASBs) are tools or services that enforce an organization's security policies in a public cloud environment.

  • BYOE (bring your own encryption)

    BYOE (bring your own encryption) is a cloud computing security model that allows cloud service customers to use their own encryption software and manage their own encryption keys. 

Highlights

More Compliance and Governance Topics

Back to Top

Virtualization

Virtualization is at the core of any cloud computing initiative, regardless of delivery model or deployment method. Service providers, or internal enterprise private cloud managers, use virtualization technology to realize efficiencies and flexibility offered by cloud computing. This section covers the risks and considerations around cloud computing virtualization security, including how to manage and ensure secure multitenancy of virtual machines on a single host, security risks and threats by Web-based hackers to the hypervisor, and how to handle data management and data governance.

Recent Definitions

  • Cloudburst VM escape

    Cloudburst VM (virtual machine) escape is an exploit method, credited to research firm Kostya Kortchinsky Immunity Inc., that takes advantage of IBM's Cloudburst cloud service provisioning software for cloud providers and a flaw in VMware Workstation to enable a guest-level virtual machine to attack its host.

  • hypervisor security

    Hypervisor security is the process of ensuring the hypervisor, the software that enables virtualization, is secure throughout its life cycle, including during development, implementation, provisioning, management and de-provisioning.

  • AV storm

    An AV storm is the performance degradation that occurs when antivirus software simultaneously scans multiple virtual machines (VMs) on a single physical host. 

Highlights

Back to Top

Operations

As your organization moves its infrastructure, applications and data into the cloud, security operations such as network security, vulnerability management, data protection and application security, as well as cloud-based security services, take on new importance. Learn how to handle cloud security management, including how to keep the integrity of your data and applications as they move to the cloud and how outsourced IT operations affect security operations.

Recent Definitions

  • Software as a Service (SaaS)

    Software as a service (SaaS) is a software distribution model in which applications are hosted by a vendor or service provider and made available to customers over a network, typically the Internet.

  • software-defined perimeter (SDP)

    Software-defined perimeter (SDP) is a security framework developed by the Cloud Security Alliance. All endpoints attempting to access a given infrastructure must be authenticated and authorized prior to entrance.

  • identity management (ID management)

    Identity management (ID management) is a broad administrative area that deals with identifying individuals in a system (such as a country, a network, or an enterprise) and controlling their access to resources within that system by associating user rights and restrictions with the established identity.

Highlights

More Operations Topics

Back to Top

Architecture

Before purchasing or building cloud systems and services, learn the cloud computing security considerations and challenges involved the various cloud computing architecture models and how to address the "security in the cloud" challenge successfully.

Recent Definitions

  • cloud computing

    Cloud computing is a general term for the delivery of hosted services over the internet. These services are broadly divided into three categories: IaaS, PaaS and SaaS.

  • AWS CloudTrail

    AWS CloudTrail is an application program interface (API) call-recording and log-monitoring Web service offered by Amazon Web Services (AWS).

  • cloud access security broker (CASB)

    Cloud access security brokers (CASBs) are tools or services that enforce an organization's security policies in a public cloud environment.

Highlights

More Architecture Topics

Back to Top

-ADS BY GOOGLE

SearchCompliance

  • PCAOB (Public Company Accounting Oversight Board)

    The Public Company Accounting Oversight Board (PCAOB) is a Congressionally-established nonprofit that assesses audits of public ...

  • cyborg anthropologist

    A cyborg anthropologist is an individual who studies the interaction between humans and technology, observing how technology can ...

  • RegTech

    RegTech, or regulatory technology, is a term used to describe technology that is used to help streamline the process of ...

SearchSecurity

  • application whitelisting

    Application whitelisting is the practice of identifying applications that have been deemed safe for execution and restricting all...

  • security

    Security, in information technology (IT), is the defense of digital information and IT assets against internal and external, ...

  • insider threat

    An insider threat is a malicious hacker (also called a cracker or a black hat) who is an employee or officer of a business, ...

SearchHealthIT

  • Affordable Care Act (ACA or Obamacare)

    The Affordable Care Act (ACA) is legislation passed in 2010 that changed how uninsured Americans enroll in and receive healthcare...

  • HIPAA Privacy Rule

    The Standards for Privacy of Individually Identifiable Health Information, commonly known as the HIPAA Privacy Rule, establishes ...

  • HIPAA business associate agreement (BAA)

    Under the U.S. Health Insurance Portability and Accountability Act of 1996, a HIPAA business associate agreement (BAA) is a ...

SearchDisasterRecovery

  • data recovery

    Data recovery restores data that has been lost, accidentally deleted, corrupted or made inaccessible. Learn how data recovery ...

  • disaster recovery plan (DRP)

    A company's disaster recovery policy is enhanced with a documented DR plan that formulates strategies, and outlines preparation ...

  • fault-tolerant

    Systems with integrated fault tolerance are designed to withstand multiple hardware failures to ensure continuous availability.

SearchStorage

  • data deduplication

    Deduplication retains one unique data instance to reduce storage and bandwidth consumed by remote backups, replication and ...

  • byte

    In most computer systems, a byte is a unit of data that is eight binary digits long. Bytes are often used to represent a ...

  • Secure Digital card (SD card)

    SD cards use flash memory to provide nonvolatile storage. They are more rugged than traditional storage media and are used in ...

SearchSolidStateStorage

  • flash file system

    Flash file systems are designed specifically for memory devices. A well-designed flash device and flash file system ensure ...

  • IOPS (input/output operations per second)

    IOPS measures the maximum number of reads and writes to non-contiguous storage. It is not an actual benchmark since vendor ...

  • eMMC (embedded MultiMediaCard)

    An embedded MultiMediaCard (eMMC) is a small storage device made up of NAND flash memory and a simple storage controller.

SearchCloudStorage

  • RESTful API

    A RESTful application program interface breaks down a transaction to create a series of small modules, each of which addresses an...

  • cloud storage infrastructure

    Cloud storage infrastructure is the hardware and software framework that supports the computing requirements of a private or ...

  • Zadara VPSA and ZIOS

    Zadara Storage provides block, file or object storage with varying levels of compute and capacity through its ZIOS and VPSA ...

Close