Cloud Risk Academy

Get all the information you need about Cloud Risk, and how to mitigate it, from the experts at Wiz

Why Automation is Essential for Cloud Security

Legacy data centers have easily identifiable physical boundaries (the walls around them), and commissioning new services with traditional technology meant raising purchase orders, getting equipment delivered, and building over several days, weeks, or months. That gave security teams plenty of time to engage, produce risk assessments and mitigation plans, and make sure their tools were properly set up.

Why Configuration Management is Essential to Cloud Security

Cloud configuration is the term for the processes used to create a cloud environment where all infrastructure and application elements can communicate and operate efficiently. The management of configuration can be a complicated matter, more so with hybrid and multi-cloud implementations than it was in the single-location networks of times past. Keeping track of parameters, secrets, and configuration items across environments is a massive undertaking.

What is Cloud Security?

Organizations are increasingly moving their data, applications, and services to the cloud. As new technologies are adopted in pursuit of efficiency and optimization, it is important to strike the right balance between the availability, flexibility, and collaboration opportunities emphasized by the cloud operating model, with the security implications of corporate systems being hosted on shared infrastructure and accessed over the internet.

What is the OWASP Serverless Top Ten?

The Open Web Application Security Project (OWASP) is an online community of application security experts producing resources that are globally recognized as a secure foundation upon which to build modern applications. The OWASP Top 10 has become a security standard for web application development, representing the consensus of the most critical security risks to web applications.

Moving from DevOps to DevSecOps

New security vulnerabilities are emerging every day, and organizations are looking for ways to build security into existing workflows to maximize their security posture and efficiency. DevOps + Security = DevSecOps, ensuring end to end protection of the software development life cycle (SDLC), and enabling the delivery of secure products to market in less time, in an environment in which security is everybody’s responsibility.

Managing Supply Chain Risks in CI/CD Pipelines

Software dependency security risks are an important consideration for modern applications and services, many of which use open-source components. Any software product using open-source components is reliant on third-parties to build software free of weaknesses or malware. The open-source community relies on its own trust model, with its users building external libraries into their source code and being responsible for their integrity and security.

Why Cloud-Native Applications Need Cloud-Native Protection

As the adoption of cloud-based services continues with no sign of slowing down, organizations are finding that the deployment of cloud infrastructure creates unique security challenges.

Container security: best practices for vulnerability management

Containerization has become popular with organizations worldwide thanks to the simplicity of the approach, as well as its development efficiencies and quick deployment times. While the development community embraces containerization to help them get solutions to market more quickly, security teams are concerned with the integrity of the deployment mechanism, and the overall risk profile.

Why Automation Is Critical When Choosing a Cloud Compliance Platform

Compliance is getting harder, and the complexity of the cloud can make it both difficult and expensive to manage. Your organization needs to consider compliance through many lenses - data protection, data localization and sovereignty, interception, and access to information, as well as regional and industry-specific regulations.

What is a Cloud Access Security Broker (CASB)?

CASBs play a critical role in providing visibility into how businesses use the cloud. They enforce security and governance rules to mitigate the risk that cloud services or SaaS apps could become weak links in an organization’s security posture. Without a CASB, you may not know which applications, services, and data your business has exposed in cloud environments. How would you know if those resources are secure if you don’t know they exist?

What is SOC 2 compliance?

Whether you offer Software-as-a-Service (SaaS) apps to customers, use SaaS apps yourself, or both, you need to be familiar with SOC 2 compliance. SOC 2 compliance rules provide a foundation for ensuring that sensitive data is managed in a secure way within the context of SaaS and other cloud-based services.

What is Cloud Security Posture Management (CSPM)?

In modern cloud environments, security monitoring and periodic audits won’t suffice for detecting threats before they turn into breaches. Instead, to achieve an environment that is as secure as possible, you need Cloud Security Posture Management, or CSPM. CSPM lays the foundation for minimizing the number of risks that exist within your clouds. CSPM tools help to automate cloud security, keeping cloud environments secure even as they grow larger and more complex.

What are cloud services?

Whether you’ve gone fully cloud-native in your application design or you’re running monolithic applications in the cloud, cloud services form the foundation for most application deployment strategies today. Understanding how cloud services work, and how to keep them secure, is essential for virtually every modern organization.

Understanding AWS Security Groups

One of the fundamental challenges you face with a cloud computing service like AWS is that you can’t implement all of the security controls that would be available to you on-premises, since you don’t have access to the physical infrastructure that powers your cloud environment. For example, you can’t set up the same types of network firewalls, because you don’t control your cloud provider’s network infrastructure. What you can do, however, is take advantage of solutions like AWS Security Groups, a powerful framework for controlling which network traffic can flow to and from cloud-based virtual machines.

Top cloud vulnerabilities for 2022

The popularity of cloud computing has grown exponentially in recent years, reducing costs, improving availability of service, and driving collaboration. With increased access and infrastructure being hosted on public-facing, shared platforms, come security challenges that cannot be met using outdated controls from traditional data centers. Cloud vulnerabilities take many forms, and it has never been more important for organizations to secure their accounts, subscriptions, VPCs, access control lists, and security groups from threats.

Top cloud computing security challenges

Understanding which security challenges you face when deploying applications and data into cloud environments is the first step in securing your cloud. Those challenges may vary depending on how your cloud is configured and which clouds you use, but in general, the typical organization faces the following core challenges when it comes to cloud computing security.

S3 bucket security risks and best practices

AWS S3 makes it easy to upload virtually unlimited volumes of data to the cloud, and store it at little cost. Although there is nothing inherently insecure about S3, access control misconfigurations and a lack of understanding about how S3 security works can turn S3 buckets into a vector for attack and data exfiltration. If you use S3 to store data, it’s critical to know the risks that come with it and how to mitigate them.

Google Cloud security best practices

While you may understand cloud security best practices that you should adhere to across multi-cloud environments, your security posture on Google Cloud Platform (GCP) relies on also addressing security challenges specific to the platform. You need to understand the Google shared responsibility model, distinctions between securing GCP and other clouds, and take advantage of the many tools available to secure your workloads hosted on the platform.

Cloud security basics and best practices

Shifting from on-prem to the cloud can open up significant possibilities for your organization. The cloud is economical, easily scalable, and can be accessible to users across your company. Along with the growth and flexibility it provides, moving to the cloud can also expose your organization to cyber security threats. It is essential that as your organization grows on the cloud, you also strive to protect your cloud-based environments, applications, and data.

Azure security tools your organization should consider

While Microsoft Azure can provide growth and flexibility, moving to the cloud can expose your organization to cyber security threats. Keeping Azure workloads secure requires deploying the right security tools. Azure is subject to a variety of risks, so you need multiple tools to keep your environment secure. Although no one tool provides end-to-end security on its own, each does its part to help you maintain a strong security posture for Azure-based workloads.