Recently on SearchCloudSecurity
The risks of container image repositories compared to GitHub
As container use rises, so does the use of container image repositories. Expert Dave Shackleford discusses the risks associated with them and how they compare to other registries.
More Highlights
- Harden cloud apps with a secure software development lifecycle
Wouldn't it be nice if every application were 100% cloud-ready? Unfortunately, that's often not the case, which can lead to security risks down the line if not properly addressed.
- The threat of shadow admins in the cloud to enterprises
Having shadow admins in the cloud means unauthorized users can access everything a legitimate administrator can. Expert Ed Moyle explains how this works and how to stop it.
- How to use Packetbeat to monitor Docker container traffic
Docker containers can help secure cloud applications, but malicious traffic can still move to and from those containers on a network. Dejan Lukan explains how to use Packetbeat to monitor such threats.
Definitions
- Google Cloud Key Management Service (KMS)
Google Cloud Key Management Service (KMS) is a cloud service for managing encryption keys for other Google cloud services that enterprises can use to implement cryptographic functions.
- AWS CloudTrail
AWS CloudTrail is an application program interface (API) call-recording and log-monitoring Web service offered by Amazon Web Services (AWS).
- cloud access security broker (CASB)
Cloud access security brokers (CASBs) are tools or services that enforce an organization's security policies in a public cloud environment.
Browse CloudSecurity Topics
Compliance and Governance
Learn how to maintain cloud computing compliance with government regulations and industry standards when moving IT operations and applications to a cloud environment. Also learn about cloud audit procedures, data governance for the cloud and other cloud computing management topics involving security.
Recent Definitions
- incident response
Incident response is an organized approach to addressing and managing the aftermath of a security breach or cyberattack, also known as an IT incident, computer incident, or security incident.
- cloud computing
Cloud computing is a general term for the delivery of hosted services over the internet.
- shared responsibility model
A shared responsibility model is a cloud security framework that dictates the security obligations of a cloud computing provider and its users to ensure accountability.
Highlights
- Harden cloud apps with a secure software development lifecycle
- CCSP Domain 3: Maintaining a secure cloud infrastructure
- How much do you know about cloud risk assessment?
More Compliance and Governance Topics
- Cloud Compliance: Federal Regulations and Industry Regulations
- Cloud Computing Frameworks and Standards
- Cloud Computing Security Issues: Incident Response - Data Breach Prevention
- Cloud Computing SLAs and Legal Issues
- Evaluating Cloud Computing Providers
- PCI DSS Requirements for Cloud Computing
Virtualization
Virtualization is at the core of any cloud computing initiative, regardless of delivery model or deployment method. Service providers, or internal enterprise private cloud managers, use virtualization technology to realize efficiencies and flexibility offered by cloud computing. This section covers the risks and considerations around cloud computing virtualization security, including how to manage and ensure secure multitenancy of virtual machines on a single host, security risks and threats by Web-based hackers to the hypervisor, and how to handle data management and data governance.
Recent Definitions
- Cloudburst VM escape
Cloudburst VM (virtual machine) escape is an exploit method, credited to research firm Kostya Kortchinsky Immunity Inc., that takes advantage of IBM's Cloudburst cloud service provisioning software for cloud providers and a flaw in VMware Workstation to enable a guest-level virtual machine to attack its host.
- hypervisor security
Hypervisor security is the process of ensuring the hypervisor, the software that enables virtualization, is secure throughout its life cycle, including during development, implementation, provisioning, management and de-provisioning.
- AV storm
An AV storm is the performance degradation that occurs when antivirus software simultaneously scans multiple virtual machines (VMs) on a single physical host.
Highlights
- How can a hypervisor deployment avoid security risks?
- Understanding VM escape vulnerabilities and how to avoid them
- What a CPU cache exploit means for multi-tenant cloud security
Operations
As your organization moves its infrastructure, applications and data into the cloud, security operations such as network security, vulnerability management, data protection and application security, as well as cloud-based security services, take on new importance. Learn how to handle cloud security management, including how to keep the integrity of your data and applications as they move to the cloud and how outsourced IT operations affect security operations.
Recent Definitions
- DMZ (networking)
In computer networks, a DMZ (demilitarized zone), also sometimes known as a perimeter network or a screened subnetwork, is a physical or logical subnet that separates an internal local area network (LAN) from other untrusted networks, usually the internet.
- identity management (ID management)
Identity management (ID management) is the organizational process for identifying, authenticating and authorizing individuals or groups of people to have access to applications, systems or networks by associating user rights and restrictions with established identities.
- identity and access management (IAM)
Identity and access management (IAM) is a framework for business processes that facilitates the management of electronic or digital identities.
Highlights
- The risks of container image repositories compared to GitHub
- The threat of shadow admins in the cloud to enterprises
- How to use Packetbeat to monitor Docker container traffic
More Operations Topics
- Cloud Data Storage, Encryption and Data Protection Best Practices
- Cloud Network Security Trends and Tactics
- Cloud Patch Management and Cloud Configuration Management
- Cloud Provisioning and Cloud Identity Management Issues
- Cloud Security Services: Cloud-Based Vulnerability Scanning and Antivirus
- Legacy Application Modernization for the Cloud
Architecture
Before purchasing or building cloud systems and services, learn the cloud computing security considerations and challenges involved the various cloud computing architecture models and how to address the "security in the cloud" challenge successfully.
Recent Definitions
- Google Cloud Key Management Service (KMS)
Google Cloud Key Management Service (KMS) is a cloud service for managing encryption keys for other Google cloud services that enterprises can use to implement cryptographic functions.
- CipherCloud
CipherCloud is a vendor that provides a cloud access security broker (CASB) platform, along with a number of security services, aimed at helping organizations secure their cloud-based applications.
- cloud computing
Cloud computing is a general term for the delivery of hosted services over the internet.
Highlights
- How to secure cloud buckets for safer storage
- Posting passwords on Trello leads to latest data exposure mess
- CCSP Practice Exam and Study Guides
More Architecture Topics
- Cloud Computing Infrastructure as a Service (IaaS) Security
- Cloud Computing Platform as a Service (PaaS) Security
- Cloud Computing Software as a Service (SaaS) Security
- Hybrid and Private Cloud Computing Security
- Public Cloud Computing Security