SearchCloudSecurity
New & Notable
Manage
How to eliminate public access to AWS S3 buckets
AWS S3 buckets leaked millions of files, including sensitive data, by enabling public access. Learn how to block public access with expert David Shackleford.
Manage
How a cloud-based honeypot bolsters security
A cloud honeypot can help enterprises gather threat intelligence. Expert Frank Siemons explains why a cloud-based honeypot deployment is preferable to a traditional one.
Evaluate
How Docker APIs are abused for cryptojacking
Remote access puts Docker APIs in a vulnerable position. Expert Dave Shackleford explains how hackers abuse Docker APIs to carry out cryptojacking attacks.
News
First big Kubernetes security vulnerability discovered
News roundup: A critical Kubernetes vulnerability was found in the system's API server and could have a wide reach. Plus, ESET found 21 new Linux malware families, and more.
Trending Topics
-
Private and Hybrid Clouds
CCSP Practice Exam and Study Guides
Studying for, obtaining and maintaining your CCSP® certification has now become more convenient with SearchCloudSecurity.com.
-
Public Clouds Evaluate
New GCP tools look to improve cloud security
Google cloud security has been bolstered by new GCP tools and capabilities. Learn more about Google's improved cloud security features from expert Dave Shackleford.
-
Data Protection Evaluate
A look at the security of cloud databases
Unsecured Google Firebase databases are similar to misconfigured AWS S3 buckets, but there are key differences. Expert Rob Shapland discusses the risks of unsecured cloud databases.
-
Standards Evaluate
A look at Google's confidential computing framework
The Google Asylo framework is an open source alternative for confidential computing. Expert Rob Shapland explains how it works and how it's different from other offerings.
-
Virtualization Evaluate
Possible disposable sandboxes rival virtualization
Microsoft's secretive, potential new feature InPrivate Desktop could give security teams access to disposable sandboxes. Expert Ed Moyle explains how the feature could work.
-
IAM Evaluate
A look at anonymity in the cloud with browsers
Cloud browsers can provide a level of security for users seeking anonymity in the cloud. Expert Frank Siemons of the Infosec Institute explains the benefits of cloud browsers.
Topics Covered
-
Cloud Computing Compliance, Audit and Data Governance (6) +
Cloud Computing Virtualization: Secure Multitenancy - Hypervisor Protection
-
Cloud Security Management and Cloud Operations Security (6) +
- Cloud Data Storage, Encryption and Data Protection Best Practices
- Cloud Network Security Trends and Tactics
- Cloud Patch Management and Cloud Configuration Management
- Cloud Provisioning and Cloud Identity Management Issues
- Cloud Security Services: Cloud-Based Vulnerability Scanning and Antivirus
- Legacy Application Modernization for the Cloud
-
Security in the Cloud: Cloud Computing Architecture (5) +
Have a question for an expert?
Please add a title for your question
Get answers from your peers on your most technical Cloud Security challenges.
Meet all of our Cloud Security experts
View all Cloud Security questions and answers
-
Margaret Rouse asks:
What are the greatest challenges you've encountered while implementing or administering a software-defined perimeter?
Find Solutions For Your Project
-
Evaluate
A look at the security of cloud databases
Unsecured Google Firebase databases are similar to misconfigured AWS S3 buckets, but there are key differences. Expert Rob Shapland discusses the risks of unsecured cloud databases.
-
What are the security risks of proxying in the cloud?
-
Strengthen cloud network security with these practices
-
How Docker APIs are abused for cryptojacking
-
-
Problem Solve
Monitoring and detecting cloud API vulnerabilities
A REST API vulnerability in Salesforce's Marketing Cloud service put users at risk of data disclosure. Learn how to detect cloud API vulnerabilities from expert Rob Shapland.
-
How cloud attacks use cryptomining software
-
How is GDPR cloud compliance different than on premises?
-
SQL injection protection methods in the cloud
-
-
Manage
How to eliminate public access to AWS S3 buckets
AWS S3 buckets leaked millions of files, including sensitive data, by enabling public access. Learn how to block public access with expert David Shackleford.
-
How a cloud-based honeypot bolsters security
-
How to use Trailblazer to prevent AWS security threats
-
The threat of new speculative execution attacks
-
Cloud Security Basics
-
Get Started
software-defined perimeter
Software-defined perimeter (SDP) is a security framework developed by the Cloud Security Alliance (CSA) that controls access to resources based on identity.
-
Get Started
hypervisor security
Hypervisor security is the process of ensuring the hypervisor, the software that enables virtualization, is secure throughout its life cycle, including during development, implementation, provisioning, management and de-provisioning.
-
Get Started
clickwrap agreement (clickthrough agreement)
A clickwrap agreement, also known as a clickthrough agreement, is an online contract that confirms a user's consent to a company's terms and conditions.
Vendor Resources
- Top 10 Cloud Security Challenges –White Paper
- Cloud Security: Combat Threats to Your SaaS-Powered Business –White Paper
- The Three Critical Elements of Effective Security of AWS –Resource
Multimedia
-
News
View All -
Cloud Patch Management and Cloud Configuration Management
First big Kubernetes security vulnerability discovered
News roundup: A critical Kubernetes vulnerability was found in the system's API server and could have a wide reach. Plus, ESET found 21 new Linux malware families, and more.
-
Cloud Computing Compliance, Audit and Data Governance
Palo Alto bolsters cloud with security startup RedLock
Palo Alto Networks looks to bolster its cloud security portfolio with a $173 million acquisition of cloud security startup RedLock and integrate it with Evident.io technologies.
-
Cloud Provisioning and Cloud Identity Management Issues
Netflix shares new approach for monitoring credentials in AWS
At Black Hat 2018, a Netflix security engineer introduced a new open source tool designed to more effectively monitor AWS credentials in large cloud environments, like Netflix's.
SearchCloudSecurity Definitions
- software-defined perimeter (SDP)
- hypervisor security
- clickwrap agreement (clickthrough agreement)
- SSAE 16
- CAIQ (Consensus Assessments Initiative Questionnaire)
- virtual firewall
- Cloud Security Alliance (CSA)
- Google Cloud Key Management Service (KMS)