Cloud Security Definitions

  • A

    AV storm

    An AV storm is the performance degradation that occurs when antivirus software simultaneously scans multiple virtual machines (VMs) on a single physical host. 

  • AWS CloudTrail

    AWS CloudTrail is an application program interface (API) call-recording and log-monitoring Web service offered by Amazon Web Services (AWS).

  • B

    BIOS rootkit

    A BIOS-level rootkit is programming that exists in a system's memory hardware to enable remote administration. Because the rootkit lives in the computer’s BIOS (basic input/output system), it persists not only through attempts to reflash the BIOS but also through hard drive erasure or replacement.

  • BIOS rootkit attack

    A BIOS-level rootkit attack, also known as a persistent BIOS attack, is an exploit in which the BIOS is flashed (updated) with malicious code. A BIOS rootkit is programming that enables remote administration.

  • blue pill rootkit

    The blue pill rootkit is malware that executes as a hypervisor to gain control of computer resources. Joanna Rutkowska, a security researcher for Singapore-based IT security firm COSEINC, developed the Blue Pill rootkit as proof-of-concept malware, which she demonstrated at the 2006 Black Hat Briefings conference.

  • C

    CAIQ (Consensus Assessments Initiative Questionnaire)

    The Consensus Assessments Initiative Questionnaire (CAIQ) is a survey provided by the Cloud Security Alliance (CSA) for cloud consumers and auditors to assess the security capabilities of a cloud provider.

  • clickwrap agreement (clickthrough agreement or clickwrap license)

    A clickwrap agreement (also known as a clickthrough agreement or clickwrap license) is an online contract that confirms user consent to a company's terms and conditions.

  • cloud access security broker (CASB)

    Cloud access security brokers (CASBs) are tools or services that enforce an organization's security policies in a public cloud environment.

  • Cloud Controls Matrix

    The Cloud Controls Matrix is a baseline set of security controls created by the Cloud Security Alliance to help enterprises assess the risk associated with a cloud computing provider.

  • Cloud Security Alliance (CSA)

    (CSA) is a nonprofit organization that promotes research into best practices for securing cloud computing and the ability of cloud technologies to secure other forms of computing. The industry group also provides security education and guidance to companies implementing cloud computing and helps vendors address security in their software delivery models.

  • CloudAudit

    CloudAudit is a specification for the presentation of information about how a cloud computing service provider addresses control frameworks. The specification provides a standard way to present and share detailed, automated statistics about performance and security.

  • Cloudburst VM escape

    Cloudburst VM (virtual machine) escape is an exploit method, credited to research firm Kostya Kortchinsky Immunity Inc., that takes advantage of IBM's Cloudburst cloud service provisioning software for cloud providers and a flaw in VMware Workstation to enable a guest-level virtual machine to attack its host.

  • CloudTrust Protocol (CTP)

    The CloudTrust Protocol or CTP is a mechanism that helps cloud service customers request and retrieve standardized inquiries about cloud provider transparency.

  • E

    ENISA (European Network and Information Security Agency)

    The European Network and Information Security Agency (ENISA) is a European Union (EU) agency dedicated to preventing and addressing network security and information security problems.

  • G

    Google Cloud Key Management Service (KMS)

    Google Cloud Key Management Service (KMS) is a cloud service for managing encryption keys for other Google cloud services that enterprises can use to implement cryptographic functions.

-ADS BY GOOGLE

SearchSecurity

SearchCloudComputing

SearchAWS

SearchCloudApplications

SearchServerVirtualization

SearchVMware

ComputerWeekly.com

Close