CloudSec Academy

Greg Zemlin

11 Juli 2025

Digitale Forensik und Incident Response (DFIR) ist ein Bereich innerhalb der Cybersicherheit, der sich mit der Identifizierung, Untersuchung und Reaktion auf Cyberangriffe befasst.

Lauren Place

11 Juli 2025

A security operations center (SOC) framework defines how an organization detects, investigates, and responds to threats. A SOC framework isn’t just a policy doc. It’s the people, processes, and technologies that keep threats in check—now redesigned for cloud speed and scale.

Shaked Rotlevi

11 Juli 2025

Cloud entitlements are access and administrative privileges that define what resources users can access and how they can interact with those resources.

Chris Champa

10 Juli 2025

An incident response plan (IRP) is a detailed framework that provides clear, step-by-step guidelines to detect, contain, eradicate, and recover from security incidents.

Chris Champa

9 Juli 2025

Open-source software (OSS) incident response (IR) tools are publicly available tools enterprises use to effectively manage and respond to numerous security threats.

Swaroop Sham

9 Juli 2025

Code-Sicherheit, auch bekannt als sichere Codierung, bezieht sich auf die Praktiken, Methoden und Tools, die sicherstellen sollen, dass der für Anwendungen und Systeme geschriebene Code vor Schwachstellen und Bedrohungen geschützt ist.

This article will give you a refresher on code security and review the most popular open-source code security tools available.

Nicolas Ehrman

9 Juli 2025

Azure Kubernetes Service (AKS) delivers Kubernetes as a managed service in Azure and is popular among organizations looking for a hassle-free Kubernetes solution in the cloud.

Shaked Rotlevi

8 Juli 2025

Prompt-Injection-Angriffe sind eine KI-Sicherheitsbedrohung, bei der ein Angreifer die Eingabeaufforderung in NLP-Systemen (Natural Language Processing) manipuliert, um die Ausgabe des Systems zu beeinflussen.

Shaked Rotlevi

8 Juli 2025

Unter Datenlecks versteht man die unkontrollierte Exfiltration von Unternehmensdaten an Dritte. Dies geschieht auf verschiedene Weise wie falsch konfigurierte Datenbanken, schlecht geschützte Netzwerkserver, Phishing-Angriffe oder sogar unvorsichtiger Umgang mit Daten.

Allison Jackson

2 Juli 2025

Cloud cost optimization is the continuous practice of making sure you’re only paying for the compute resources you actually need. It's about matching the supply of your instances to the real-time demand of your workloads, selecting the right pricing models, and ruthlessly eliminating waste.

Allison Jackson

2 Juli 2025

Cloud cost optimization is the systematic practice of reducing cloud spend while improving cloud efficiency through enhanced visibility, resource rightsizing, workload automation, and team accountability.

Modern vulnerability management is evolving into Unified Vulnerability Management (UVM)—a single approach that connects all scanners, adds cloud context, and turns scattered findings into prioritized, fixable risks.

Shaked Rotlevi

2 Juli 2025

ChatGPT security is the process of protecting an organization from the compliance, brand image, customer experience, and general safety risks that ChatGPT introduces into applications.

An incident response framework is a blueprint that helps organizations deal with security incidents in a structured and efficient way. It outlines the steps to take before, during, and after an incident, and assigns roles and responsibilities to different team members.

Lauren Place

27 Juni 2025

This guide provides a straightforward comparison between CrowdStrike’s security offerings and other cybersecurity tools in the marketplace.

Shaked Rotlevi

26 Juni 2025

Cyber asset attack surface management (CAASM) is a security practice that gives teams unified visibility and control over all enterprise assets—cloud, SaaS, on-prem, and beyond. It helps eliminate blind spots and reduce risk by correlating asset data from across your environment and tools. CAASM enables teams to query, prioritize, and act from a single source of truth.

This article explores the NIST IR model and capabilities to look out for when choosing IR tools to support NIST SP 800-61 Rev. 2 implementation.

Beim Schwachstellen-Scanning werden Sicherheitslücken in IT-Systemen, Netzwerken und Software erkannt und bewertet.

Malware scanning is the process of inspecting files, systems, and cloud resources for signs of malicious software—before it causes damage.

Data poisoning threatens the cloud, especially when 70% of cloud environments use AI services. Learn about the top threats and how to protect your organization.

Access top incident response plan templates for your security team, find out which are cloud native, and learn how you can respond faster to minimize damage.

Attack surface analysis is a cybersecurity practice that identifies and evaluates all potential access points, external and internal, that an attacker could exploit.

Let's compare on-premises and cloud security, examine their differences, and explore key cloud-specific security concepts to help you choose the best approaches to security for your entire organization.