Browse Definitions:

SearchCloudSecurity

SearchCloudSecurity.com is the Web's most comprehensive resource for cloud security news, analysis and case studies. Learn who the key players are and how they rate against each other, how the technology works, and how you consume and pay for it. Plus, access case studies of successful deployments in the cloud with explanations of new business opportunities and how to tap into them.

View the complete archive of Cloud Security news, research and expert advice.

Go to:  SearchCloudSecurity

Recently on  SearchCloudSecurity

Why the use of blockchain in the cloud is growing quickly

Blockchain in the cloud may offer organizations the ability to shift away from traditional cryptography models. Expert Dave Shackleford discusses what options are available.

More Highlights
Definitions
  • AWS CloudTrail

    AWS CloudTrail is an application program interface (API) call-recording and log-monitoring Web service offered by Amazon Web Services (AWS).

  • cloud access security broker (CASB)

    Cloud access security brokers (CASBs) are tools or services that enforce an organization's security policies in a public cloud environment.

  • CAIQ (Consensus Assessments Initiative Questionnaire)

    The Consensus Assessments Initiative Questionnaire (CAIQ) is a survey provided by the Cloud Security Alliance (CSA) for cloud consumers and auditors to assess the security capabilities of a cloud provider.

Browse CloudSecurity Topics

Compliance and Governance

Learn how to maintain cloud computing compliance with government regulations and industry standards when moving IT operations and applications to a cloud environment. Also learn about cloud audit procedures, data governance for the cloud and other cloud computing management topics involving security.

Recent Definitions

  • cloud computing

    Cloud computing is a general term for the delivery of hosted services over the internet.

  • shared responsibility model

    A shared responsibility model is a cloud security framework that dictates the security obligations of a cloud computing provider and its users to ensure accountability.

  • cloud access security broker (CASB)

    Cloud access security brokers (CASBs) are tools or services that enforce an organization's security policies in a public cloud environment.

Highlights

More Compliance and Governance Topics

Back to Top

Virtualization

Virtualization is at the core of any cloud computing initiative, regardless of delivery model or deployment method. Service providers, or internal enterprise private cloud managers, use virtualization technology to realize efficiencies and flexibility offered by cloud computing. This section covers the risks and considerations around cloud computing virtualization security, including how to manage and ensure secure multitenancy of virtual machines on a single host, security risks and threats by Web-based hackers to the hypervisor, and how to handle data management and data governance.

Recent Definitions

  • Cloudburst VM escape

    Cloudburst VM (virtual machine) escape is an exploit method, credited to research firm Kostya Kortchinsky Immunity Inc., that takes advantage of IBM's Cloudburst cloud service provisioning software for cloud providers and a flaw in VMware Workstation to enable a guest-level virtual machine to attack its host.

  • hypervisor security

    Hypervisor security is the process of ensuring the hypervisor, the software that enables virtualization, is secure throughout its life cycle, including during development, implementation, provisioning, management and de-provisioning.

  • AV storm

    An AV storm is the performance degradation that occurs when antivirus software simultaneously scans multiple virtual machines (VMs) on a single physical host. 

Highlights

Back to Top

Operations

As your organization moves its infrastructure, applications and data into the cloud, security operations such as network security, vulnerability management, data protection and application security, as well as cloud-based security services, take on new importance. Learn how to handle cloud security management, including how to keep the integrity of your data and applications as they move to the cloud and how outsourced IT operations affect security operations.

Recent Definitions

  • Software as a Service (SaaS)

    Software as a service (SaaS) is a software distribution model in which applications are hosted by a vendor or service provider and made available to customers over a network, typically the Internet.

  • software-defined perimeter (SDP)

    Software-defined perimeter (SDP) is a security framework developed by the Cloud Security Alliance. All endpoints attempting to access a given infrastructure must be authenticated and authorized prior to entrance.

  • identity management (ID management)

    Identity management (ID management) is a broad administrative area that deals with identifying individuals in a system (such as a country, a network, or an enterprise) and controlling their access to resources within that system by associating user rights and restrictions with the established identity.

Highlights

More Operations Topics

Back to Top

Architecture

Before purchasing or building cloud systems and services, learn the cloud computing security considerations and challenges involved the various cloud computing architecture models and how to address the "security in the cloud" challenge successfully.

Recent Definitions

  • cloud computing

    Cloud computing is a general term for the delivery of hosted services over the internet.

  • cloud bursting

    Cloud bursting is an application deployment model in which an application normally runs in a private cloud or local data center but can also run in a public cloud when the demand for computing capacity spikes.

  • AWS CloudTrail

    AWS CloudTrail is an application program interface (API) call-recording and log-monitoring Web service offered by Amazon Web Services (AWS).

Highlights

More Architecture Topics

Back to Top

-ADS BY GOOGLE

SearchCompliance

  • pure risk (absolute risk)

    Pure risk, also called absolute risk, is a category of threat that is beyond human control and has only one possible outcome if ...

  • risk assessment

    Risk assessment is the identification of hazards that could negatively impact an organization's ability to conduct business.

  • audit program (audit plan)

    An audit program, also called an audit plan, is an action plan that documents what procedures an auditor will follow to validate ...

SearchSecurity

  • computer worm

    A computer worm is a type of malicious software program whose primary function is to infect other computers while remaining ...

  • black hat

    Black hat refers to a hacker who breaks into a computer system or network with malicious intent.

  • copyright

    Copyright is a legal term describing ownership of control of the rights to the use and distribution of certain works of creative ...

SearchHealthIT

SearchDisasterRecovery

  • business continuity plan (BCP)

    A business continuity plan (BCP) is a document that consists of the critical information an organization needs to continue ...

  • call tree

    A call tree -- sometimes referred to as a phone tree -- is a telecommunications chain for notifying specific individuals of an ...

  • mass notification system (MNS)

    A mass notification system is a platform that sends one-way messages to inform employees and the public of an emergency.

SearchStorage

  • non-volatile memory (NVM)

    Non-volatile memory (NVMe) is a semiconductor technology that does not require a continuous power supply to retain the data or ...

  • hybrid hard drive (HHD)

    A hybrid hard drive (HHD), sometimes known as a solid-state hybrid drive (SSHD), is a mass storage device that combines a ...

  • USB flash drive

    A USB flash drive -- also known as a stick, thumb or pen drive -- is a plug-and-play portable storage device that uses flash ...

SearchSolidStateStorage

  • RRAM or ReRAM (resistive RAM)

    RRAM or ReRAM (resistive random access memory) is a form of nonvolatile storage that operates by changing the resistance of a ...

  • JEDEC

    JEDEC is a global industry group that develops open standards for microelectronics.

  • M.2 SSD

    An M.2 SSD is a solid-state drive (SSD) that conforms to a computer industry specification written for internally mounted storage...

SearchCloudStorage

  • Google Cloud Storage

    Google Cloud Storage is an enterprise public cloud storage platform that can house large unstructured data sets.

  • RESTful API

    A RESTful application program interface breaks down a transaction to create a series of small modules, each of which addresses an...

  • cloud storage infrastructure

    Cloud storage infrastructure is the hardware and software framework that supports the computing requirements of a private or ...

Close