Recently on SearchCloudSecurity
How hackers use Docker APIs for cryptojacking
Remote access puts Docker APIs in a vulnerable position. Expert Dave Shackleford explains how hackers abuse Docker APIs to carry out cryptojacking attacks.
More Highlights
- Critical Kubernetes vulnerability could have widespread effects
News roundup: A critical Kubernetes vulnerability was found in the system's API server and could have a wide reach. Plus, ESET found 21 new Linux malware families, and more.
- What's different about Google Asylo for confidential computing?
The Google Asylo framework is an open source alternative for confidential computing. Expert Rob Shapland explains how it works and how it's different from other offerings.
- How Google's cloud data deletion process can influence security policies
Understanding the process behind Google's cloud data deletion can help influence stronger enterprise security policies. Expert Ed Moyle explains the process and how to use it.
Definitions
- SSAE 16
The Statement on Standards for Attestation Engagements No. 16 (SSAE 16) is a set of auditing standards and guidance on using the standards, published by the Auditing Standards Board (ASB) of the American Institute of Certified Public Accountants (AICPA), for redefining and updating how service companies report on compliance controls.
- software-defined perimeter (SDP)
Software-defined perimeter (SDP) is a security framework developed by the Cloud Security Alliance (CSA) that controls access to resources based on identity.
- CAIQ (Consensus Assessments Initiative Questionnaire)
The Consensus Assessments Initiative Questionnaire (CAIQ) is a survey provided by the Cloud Security Alliance (CSA) for cloud consumers and auditors to assess the security capabilities of a cloud service provider.
Browse CloudSecurity Topics
Compliance and Governance
Learn how to maintain cloud computing compliance with government regulations and industry standards when moving IT operations and applications to a cloud environment. Also learn about cloud audit procedures, data governance for the cloud and other cloud computing management topics involving security.
Recent Definitions
- SSAE 16
The Statement on Standards for Attestation Engagements No. 16 (SSAE 16) is a set of auditing standards and guidance on using the standards, published by the Auditing Standards Board (ASB) of the American Institute of Certified Public Accountants (AICPA), for redefining and updating how service companies report on compliance controls.
- software-defined perimeter (SDP)
Software-defined perimeter (SDP) is a security framework developed by the Cloud Security Alliance (CSA) that controls access to resources based on identity.
- CAIQ (Consensus Assessments Initiative Questionnaire)
The Consensus Assessments Initiative Questionnaire (CAIQ) is a survey provided by the Cloud Security Alliance (CSA) for cloud consumers and auditors to assess the security capabilities of a cloud service provider.
Highlights
- How hackers use Docker APIs for cryptojacking
- Critical Kubernetes vulnerability could have widespread effects
- What's different about Google Asylo for confidential computing?
More Compliance and Governance Topics
- Cloud Compliance: Federal Regulations and Industry Regulations
- Cloud Computing Frameworks and Standards
- Cloud Computing Security Issues: Incident Response - Data Breach Prevention
- Cloud Computing SLAs and Legal Issues
- Evaluating Cloud Computing Providers
- PCI DSS Requirements for Cloud Computing
Virtualization
Virtualization is at the core of any cloud computing initiative, regardless of delivery model or deployment method. Service providers, or internal enterprise private cloud managers, use virtualization technology to realize efficiencies and flexibility offered by cloud computing. This section covers the risks and considerations around cloud computing virtualization security, including how to manage and ensure secure multitenancy of virtual machines on a single host, security risks and threats by Web-based hackers to the hypervisor, and how to handle data management and data governance.
Recent Definitions
- virtual firewall
A virtual firewall is a firewall device or service that provides network traffic filtering and monitoring for virtual machines (VMs) in a virtualized environment.
- Cloudburst VM escape
Cloudburst VM (virtual machine) escape is an exploit method, credited to research firm Kostya Kortchinsky Immunity Inc., that takes advantage of IBM's Cloudburst cloud service provisioning software for cloud providers and a flaw in VMware Workstation to enable a guest-level virtual machine to attack its host.
- hypervisor security
Hypervisor security is the process of ensuring the hypervisor, the software that enables virtualization, is secure throughout its life cycle, including during development, implementation, provisioning, management and de-provisioning.
Highlights
- What Microsoft's InPrivate Desktop feature could mean for enterprises
- How can a hypervisor deployment avoid security risks?
- Understanding VM escape vulnerabilities and how to avoid them
Operations
As your organization moves its infrastructure, applications and data into the cloud, security operations such as network security, vulnerability management, data protection and application security, as well as cloud-based security services, take on new importance. Learn how to handle cloud security management, including how to keep the integrity of your data and applications as they move to the cloud and how outsourced IT operations affect security operations.
Recent Definitions
- SSAE 16
The Statement on Standards for Attestation Engagements No. 16 (SSAE 16) is a set of auditing standards and guidance on using the standards, published by the Auditing Standards Board (ASB) of the American Institute of Certified Public Accountants (AICPA), for redefining and updating how service companies report on compliance controls.
- SPI model
SPI is an acronym for the most common cloud computing service models, software as a service, platform as a service and infrastructure as a service.
- software-defined perimeter (SDP)
Software-defined perimeter (SDP) is a security framework developed by the Cloud Security Alliance (CSA) that controls access to resources based on identity.
Highlights
- Critical Kubernetes vulnerability could have widespread effects
- What's different about Google Asylo for confidential computing?
- How Google's cloud data deletion process can influence security policies
More Operations Topics
- Cloud Data Storage, Encryption and Data Protection Best Practices
- Cloud Network Security Trends and Tactics
- Cloud Patch Management and Cloud Configuration Management
- Cloud Provisioning and Cloud Identity Management Issues
- Cloud Security Services: Cloud-Based Vulnerability Scanning and Antivirus
- Legacy Application Modernization for the Cloud
Architecture
Before purchasing or building cloud systems and services, learn the cloud computing security considerations and challenges involved the various cloud computing architecture models and how to address the "security in the cloud" challenge successfully.
Recent Definitions
- software-defined perimeter (SDP)
Software-defined perimeter (SDP) is a security framework developed by the Cloud Security Alliance (CSA) that controls access to resources based on identity.
- Google Cloud Key Management Service (KMS)
Google Cloud Key Management Service (KMS) is a cloud service for managing encryption keys for other Google cloud services that enterprises can use to implement cryptographic functions.
- CipherCloud
CipherCloud is a vendor that provides a cloud access security broker (CASB) platform, along with a number of security services, aimed at helping organizations secure their cloud-based applications.
Highlights
- The time to consider SIEM as a service has arrived
- How the NetSpectre vulnerability affects the cloud
- CCSP Domain 5: Operations shape secure cloud infrastructure
More Architecture Topics
- Cloud Computing Infrastructure as a Service (IaaS) Security
- Cloud Computing Platform as a Service (PaaS) Security
- Cloud Computing Software as a Service (SaaS) Security
- Hybrid and Private Cloud Computing Security
- Public Cloud Computing Security