CloudSec Academy

CloudSec Academy へようこそ。クラウドセキュリティの頭字語と業界用語のアルファベットスープをナビゲートするためのガイドです。 明確で簡潔、かつ専門的に作成されたコンテンツで、基本的なことからベストプラクティスまでをカバーします。

The Open-Source CNAPP Toolkit

Wiz エキスパートチーム

With a CNAPP, your team is empowered to pick and choose solutions that best fit your security capability and cost requirements. This article reviews the best open-source CNAPP tools for 2024.

Sensitive Data Discovery

Wiz エキスパートチーム

In this post, we’ll find out why the sensitive data discovery process is so important—along with some of the main challenges. We’ll see how companies tackle the daunting task of classifying their data.

Top OSS Incident Response Tools

Open-source software (OSS) incident response (IR) tools are publicly available tools enterprises use to effectively manage and respond to numerous security threats.

Identity Security [Cloud Edition]

Wiz エキスパートチーム

Cloud identity security is the practice of safeguarding digital identities and the sensitive cloud infrastructure and data they gatekeep from unauthorized access and misuse.

Top 9 OSINT tools

Wiz エキスパートチーム

Open-source intelligence (OSINT) is a framework that involves gathering, analyzing, and interpreting publicly available data to gain insights into cyber threats, adversarial activities, and attack techniques. OSINT identifies innocuous-seeming information that, if analyzed with an attacker’s mindset, could reveal critical loopholes in an enterprise’s security posture.

Top OSS Vulnerability Scanners [By Category]

Wiz エキスパートチーム

Vulnerability scanning is an integral component of every vulnerability management program, providing security teams with insights needed to address vulnerabilities before they become attack vectors. When conducted regularly, vulnerability assessments offer asset discovery and visibility, attack surface management, and compliance enforcement.

What is Cloud Data Security? Risks and Best Practices

Wiz エキスパートチーム

Cloud data security is the comprehensive strategy of preventing data loss or leakage in the cloud from security threats like unauthorized access, data breaches, and insider threats.

Effective Permissions: A Security Review

Wiz エキスパートチーム

In this article, we will explore the challenges of managing permissions, the risks associated with improper access controls, and how major cloud providers handle permissions. We’ll also take a look at best practices and advanced solutions like cloud infrastructure entitlement management (CIEM).

Source Code Leaks: Risks, Examples, and Prevention

Wiz エキスパートチーム

In this blog post, we’ll explore security measures and continuous monitoring strategies to prevent these leaks, mitigating the risks posed by security vulnerabilities, human error, and attacks.

What is Cloud Risk Management?

Wiz エキスパートチーム

In this article, we’ll explore what cloud risk management entails and take an in-depth look at the tools that can keep your systems safe.

Defense in Depth: Cloud Edition

Wiz エキスパートチーム

Defense in depth is often considered a basic concept in any effective security strategy.

Secrets Detection: A Fast-Track Guide

Secrets detection is the process of identifying and managing sensitive information like API keys, passwords, and tokens within codebases to prevent unauthorized access and data breaches.

脆弱性スキャン (Vulnerability Scanning)

Wiz エキスパートチーム

脆弱性スキャンは、ITシステム、ネットワーク、およびソフトウェアのセキュリティ上の欠陥を検出して評価するプロセスです。

LLM Security for Enterprises: Risks and Best Practices

Wiz エキスパートチーム

LLM models, like GPT and other foundation models, come with significant risks if not properly secured. From prompt injection attacks to training data poisoning, the potential vulnerabilities are manifold and far-reaching.

Data Security Compliance Explained

Data security compliance is a critical aspect of data governance that involves adhering to the security-centric rules and regulations set forth by supervisory and regulatory bodies, including federal agencies.

Top 9 OSS API Security Tools

Wiz エキスパートチーム

A guide on the 9 best OSS API security tools that protect sensitive data, infrastructure, and business logic from unauthorized access, data theft, and other attacks.

Data Leakage: Risks, Causes, & Prevention

Data leakage is the unchecked exfiltration of organizational data to a third party. It occurs through various means such as misconfigured databases, poorly protected network servers, phishing attacks, or even careless data handling.

Vulnerability Prioritization in the Cloud: Strategies + Steps

Vulnerability prioritization is the practice of assessing and ranking identified security vulnerabilities based on critical factors such as severity, potential impact, exploitability, and business context. This ranking helps security experts and executives avoid alert fatigue to focus remediation efforts on the most critical vulnerabilities.

AI Risk Management: Essential AI SecOps Guide

AI risk management is a set of tools and practices for assessing and securing artificial intelligence environments. Because of the non-deterministic, fast-evolving, and deep-tech nature of AI, effective AI risk management and SecOps requires more than just reactive measures.

SAST vs. SCA: What's the Difference?

SAST (Static Application Security Testing) analyzes custom source code to identify potential security vulnerabilities, while SCA (Software Composition Analysis) focuses on assessing third-party and open source components for known vulnerabilities and license compliance.

Top 9 OSS CSPM Tools

Wiz エキスパートチーム

In this article, we’ll explore the top 9 OSS CSPM tools available today, each with its unique capabilities and benefits for helping organizations identify cloud misconfigurations, prevent security breaches, and ensure compliance with industry standards.

Database Security Explained

Database security is the process of identifying, assessing, and mitigating risks that can compromise the confidentiality, integrity, and availability of data.

MTTD and MTTR in Cybersecurity Incident Response

Most incident response teams measure both MTTD and MTTR to not only shorten attackers’ dwell times in their systems but also to gauge the team’s readiness to combat future security incidents and then optimize response times.

The Vulnerability Management Lifecycle in 6 Stages

Wiz エキスパートチーム

The vulnerability management lifecycle consists of six key stages: identification and assessment, prioritization, remediation and mitigation, verification and validation, reporting, and monitoring and improvement.

The Threat of Adversarial AI

Wiz エキスパートチーム

Adversarial artificial intelligence (AI), or adversarial machine learning (ML), is a type of cyberattack where threat actors corrupt AI systems to manipulate their outputs and functionality.

What is a Vulnerability Management Program?

Wiz エキスパートチーム

A vulnerability management program is a structured, continuous approach to identifying, evaluating, and mitigating security weaknesses across an organization's IT ecosystem.

What Is Cloud Incident Response?

Cloud incident response is a strategic approach to detecting and recovering from cyberattacks on cloud-based systems with the goal of minimizing the impact to your workloads and business operation accordingly.

Incident Response Team Depth Chart: Roles & responsibilities

Wiz エキスパートチーム

An incident response team is a specialized security unit within an organization whose primary duties involve responding to cyber incidents and addressing compromised systems, applications, and data.

SecOps Explained

Wiz エキスパートチーム

SecOps is the collaborative integration of IT security and operations teams to protect and manage an organization's digital assets more efficiently.

What is Cloud Threat Modeling?

Cloud threat modeling is a systematic approach designed to uncover, evaluate, and rank the potential security vulnerabilities and dangers unique to cloud-based systems and infrastructure.

Security logs

Cloud security logs are formatted text records that capture events and activities as they occur in a cloud environment, providing insight into what’s happening within that environment in real time.

The SOC Team Roster: Roles & responsibilities

Wiz エキスパートチーム

A security operations center (SOC) team is a group of highly skilled professionals responsible for scanning IT environments and identifying and remediating cybersecurity threats and incidents

What is Cloud Network Security?

Wiz エキスパートチーム

Cloud network security is a combination of tools, processes, and policies that protect your cloud environments.

What is Security as Code (SaC)?

Security as Code (SaC) is a methodology that integrates security measures directly into the software development process. It involves codifying security policies and decisions, and automating security checks, tests, and gates within the DevOps pipeline.

What is Cloud Forensics?

Cloud forensics is a branch of digital forensics that applies investigative techniques to collecting and evaluating critical evidence in cloud computing environments following a security incident.

What is LLM Jacking?

LLM jacking is an attack technique that cybercriminals use to manipulate and exploit an enterprise’s cloud-based LLMs (large language models).

What is Credential Access (TA0006)?

Wiz エキスパートチーム

Credential access is a cyberattack technique where threat actors access and hijack legitimate user credentials to gain entry into an enterprise's IT environments.

What is Cloud Visibility? + Best Practices

Wiz エキスパートチーム

As cloud adoption grows, the only way to mitigate risks and access the full spectrum of cloud capabilities is to prioritize visibility. Read on to learn more about cloud visibility—and how to achieve it.

Using eBPF in Kubernetes: A security overview

Wiz エキスパートチーム

eBPF provides deep visibility into network traffic and application performance while maintaining safety and efficiency by executing custom code in response to the kernel at runtime.

Navigating Incident Response Frameworks: A Fast-Track Guide

Wiz エキスパートチーム

An incident response framework is a blueprint that helps organizations deal with security incidents in a structured and efficient way. It outlines the steps to take before, during, and after an incident, and assigns roles and responsibilities to different team members.

What is a Data Poisoning Attack?

Wiz エキスパートチーム

Data poisoning is a kind of cyberattack that targets the training data used to build artificial intelligence (AI) and machine learning (ML) models.

Dark AI Explained

Wiz エキスパートチーム

Dark AI involves the malicious use of artificial intelligence (AI) technologies to facilitate cyberattacks and data breaches. Dark AI includes both accidental and strategic weaponization of AI tools.

What is Policy as Code? 

Policy as code (PaC) is the use of code to define, automate, enforce, and manage the policies that govern the operation of cloud-native environments and their resources.

What are CIS benchmarks?

Wiz エキスパートチーム

CIS benchmarks are publicly available security roadmaps offering core recommendations to guide organizations on hardening their IT systems against cyber threats.

GitOps vs. DevOps

While DevOps delineates collaboration and automation practices that emphasize infrastructure provisioning and continuous monitoring, GitOps extends its concepts by employing Git as the single source of truth for both application and infrastructure settings.

Kubernetes Namespaces: Security Best Practices

Kubernetes namespaces divide a given cluster into virtual clusters, helping to separate and manage resources while still keeping them within the same physical cluster. By segregating workloads and applying policies per namespace, you can create boundaries that keep your multi-tenant environments safe and organized.

Linux containers: A security review

Understanding the nuances of Linux containers is crucial for building robust, secure applications. This blog post provides insights into the practical implementation of containers, focusing on both their strengths and potential pitfalls.

Cloud Investigation and Response Automation (CIRA)

Cloud investigation and response automation (CIRA) harnesses the power of advanced analytics, artificial intelligence (AI), and automation to provide organizations with real-time insights into potential security incidents within their cloud environments

What is Security by Design?

Wiz エキスパートチーム

Security by design is a software development approach that aims to establish security as a pillar, not an afterthought, i.e., integrating security controls into software products right from the design phase.

Guide to Standard SBOM Formats

Wiz エキスパートチーム

Two major formats dominate the SBOM ecosystem: Software Package Data Exchange (SPDX) and CycloneDX (CDX). Let’s review!

Kubernetes Security Context: Best practices

In Kubernetes, a security context defines privilege and access control settings for a Pod or Container. It allows you to specify security configurations such as user and group IDs, filesystem permissions, and capabilities.

Azure Security Risks & Mitigation Steps

Wiz エキスパートチーム

This article offers an extensive examination of Azure environments’ most pressing security risks along with suggested approaches for effectively mitigating these challenges.

7 AI Security Risks You Can't Ignore

Wiz エキスパートチーム

Learn about the most pressing security risks shared by all AI applications and how to mitigate them.

Remote Code Execution Attacks Explained

Wiz エキスパートチーム

Remote code execution refers to a security vulnerability through which malicious actors can remotely run code on your systems or servers.

Cloud Sprawl Explained

Wiz エキスパートチーム

Cloud sprawl is a phenomenon that involves the unmanaged growth of cloud-based resources and services.

CSPM vs DSPM: Why You Need Both

Wiz エキスパートチーム

Discover the similarities between CSPM and DSPM, what factors set them apart, and which one is the best choice for your organization’s needs.

Container monitoring explained

Container monitoring is the process of collecting, analyzing, and reporting metrics and data related to the performance and health of containerized applications and their hosting environments.

Data Exfiltration Explained

Wiz エキスパートチーム

Data exfiltration is when sensitive data is accessed without authorization or stolen. Just like any data breach, it can lead to financial loss, reputational damage, and business disruptions.

Cloud Migration Security Explained

Cloud migration security is a facet of cybersecurity that protects organizations from security risks during a transition to cloud environments from legacy infrastructure, like on-premises data centers.

Kubernetes RBAC Explained

Kubernetes role-based access control (RBAC) serves as a foundational security layer within Kubernetes. It is essential for regulating access to the K8s API and its resources, allowing organizations to define user roles with specific permissions to effectively control who can see or interact with what resources within a cluster.

What is CWPP? [Cloud Workload Protection Platform]

Wiz エキスパートチーム

A cloud workload protection platform (CWPP) is a security solution that provides continuous threat monitoring and protection for cloud workloads across different types of cloud environments.

コードセキュリティ (Code Security)

コードセキュリティは、セキュアコーディングとも呼ばれ、アプリケーションやシステム用に記述されたコードが脆弱性や脅威から保護されるように設計されたプラクティス、方法論、およびツールを指します。

Lateral Movement Explained

Wiz エキスパートチーム

Lateral movement is a cyberattack technique used by threat actors to navigate a network or environment in search of more valuable information after gaining initial access.

Credential Stuffing Explained

Wiz エキスパートチーム

Credential stuffing is a type of cyberattack where automated tools are used to repeatedly inject stolen username/password combinations into various services to gain access to legitimate users’ accounts in addition to those that were originally breached.

Container Orchestration

Container orchestration involves organizing groups of containers that make up an application, managing their deployment, scaling, networking, and their availability to ensure they're running optimally.

Native Azure Security Tools

Wiz エキスパートチーム

This blog explores the significance of security in Azure environments and provides an overview of native as well as third-party security tools available to improve an organization’s Azure security stance.

Cross-site scripting

Wiz エキスパートチーム

Cross-site scripting (XSS) is a vulnerability where hackers insert malicious scripts inside web applications with the aim of executing them in a user’s browser.

SBOM Security

A Software Bill of Material (SBOM) is a comprehensive inventory that details every software component that makes up an application.

What is a man-in-the-middle attack?

Wiz エキスパートチーム

A man-in-the-middle (MitM) attack is a type of cyberattack where a hacker intercepts data transferred between two parties.

Kubernetes secrets

A Kubernetes secret is an object in the Kubernetes ecosystem that contains sensitive information (think keys, passwords, and tokens)

What is containerization?

Containerization encapsulates an application and its dependencies into a container image, facilitating consistent execution across any host operating system supporting a container engine.

Containers vs. VMs: What’s the difference?

Wiz エキスパートチーム

In a nutshell, containers and virtual machines (VMs) are two inherently different approaches to packaging and deploying applications/services in isolated environments.

Kubernetes as a service

Kubernetes as a service (KaaS) is a model in which hyperscalers like AWS, GCP, and Azure allow you to quickly and easily start a Kubernetes cluster and begin deploying workloads on it instantly.

Brute Force Attacks

Wiz エキスパートチーム

A brute force attack is a cybersecurity threat where a hacker attempts to access a system by systematically testing different passwords until a correct set of credentials is identified.

CSPM vs. SSPM

Wiz エキスパートチーム

This post discusses CSPM and SSPM in depth to reveal their respective use cases. You'll also learn how CSPM and SSPM complement each other to strengthen your overall security posture.

AWS Security Risks

Wiz エキスパートチーム

This article examines common AWS security challenges, including identity and access control gaps, data exposure risks, and monitoring blind spots.

CIEM vs. IAM

Wiz エキスパートチーム

In this article, we'll compare CIEM and IAM to explain how these crucial techniques help reduce your attack surface.

Shadow Data

Wiz エキスパートチーム

Shadow data is any data that is created, stored, or shared outside of an organization's formal IT environment and management policies.

What is Privilege Escalation?

Privilege escalation is when an attacker exploits weaknesses in your environment or infrastructure to gain higher access and control within a system or network.

Kubernetes Vulnerability Scanning

Kubernetes vulnerability scanning is the systematic process of inspecting a Kubernetes cluster (including its container images and configurations) to detect security misconfigurations or vulnerabilities that could compromise the security posture of the cluster.

Understanding the Shared Responsibility Model

Wiz エキスパートチーム

The shared responsibility model is a framework establishing cloud security responsibilities between cloud service providers (AWS, GCP, Azure) and customers.

Serverless Security Explained

Wiz エキスパートチーム

Serverless security is the extra layer of protection designed for applications built on a serverless architecture. In this type of cloud computing, you write the code (functions) but the cloud provider handles the servers. This creates a different security approach.

Cloud Security Strategy

Wiz エキスパートチーム

A cloud security strategy is the combination of the measures, tools, policies, and procedures used to secure cloud data, applications, and infrastructure.

Rootkits Explained

Wiz エキスパートチーム

A rootkit is a suite of software designed to grant a cyberattacker privileged access while disguising the invasion to evade detection.

What is CSPM?

Cloud Security Posture Management (CSPM) describes the process of continuously detecting and remediating risks in cloud environments and services (e.g. S3 buckets w/ public read access). CSPM tools automatically evaluate cloud configurations against industry best practices, regulatory requirements, and security policies to ensure that cloud environments are secure and properly managed.

Risk-Based Vulnerability Management

Wiz エキスパートチーム

Risk-based vulnerability management is a vulnerability management approach that prioritizes vulnerabilities that pose the greatest risk to an organization.

Container Registries Explained

A container registry is a service that stores, manages, and distributes application images. Its architecture is designed to ensure availability by providing a centralized resource for container image discovery, distribution, and deployment.

Top Docker Alternatives

Wiz エキスパートチーム

In this guide, we'll look at a variety of Docker alternatives that provide different benefits for your workloads—such as daemonless operation, a simplified management experience, improved container security, and enhanced scalability and orchestration for production environments.

What is DevSecOps?

DevSecOps, which stands for Development, Security, and Operations, is a software development practice that emphasizes integrating security considerations throughout the entire development lifecycle, from initial design to deployment and ongoing maintenance.

Kubernetes Alternatives for Container Orchestration

Wiz エキスパートチーム

This blog post explores the world of container orchestration tools beyond Kubernetes, highlighting cloud provider tools and open-source alternatives that promise to redefine how we deploy and manage applications.

What is a Reverse Shell Attack?

Wiz エキスパートチーム

A reverse shell attack is a type of cyberattack where a threat actor establishes a connection from a target machine (the victim's) to their machine.

Microservices Security Best Practices

Microservices security is the practice of protecting individual microservices and their communication channels from unauthorized access, data breaches, and other threats, ensuring a secure overall architecture despite its distributed nature.

AI Security Tools: The Open-Source Toolkit

We’ll take a deep dive into the MLSecOps tools landscape by reviewing the five foundational areas of MLSecOps, exploring the growing importance of MLSecOps for organizations, and introducing six interesting open-source tools to check out

CIEM vs CSPM: Why You Need Both

Wiz エキスパートチーム

CSPM focuses on securing cloud infrastructure by identifying and remediating misconfigurations, while CIEM centers on managing and securing user identities and access permissions within cloud environments, addressing threats related to unauthorized access and entitlements.

What is Data Security Posture Management (DSPM)?

Wiz エキスパートチーム

Data security posture management (DSPM) is a solution designed to continuously monitor an organization's data security policies and procedures to detect vulnerabilities and potential risks.

DevSecOps Best Practices Checklist

Wiz エキスパートチーム

In this article, we’ll look at the emergence of DevSecOps and then discuss actionable best practices for integrating DevSecOps into your workflows.

CNAPP vs CSPM

Wiz エキスパートチーム

Learn where CNAPP and CSPM overlap, where they differ, and which one is right for your organization.

IAM Security Explained

IAM security consists of policies and technologies designed to ensure that only authorized individuals gain access to the relevant resources within an organization.

Cloud Complianceとは何ですか?

クラウド コンプライアンスは、クラウドベースの資産が組織に関連するデータ保護規制、標準、およびフレームワークの要件を確実に満たすために必要な一連の手順、制御、および組織的対策です。

AKS Security Best Practices

Azure Kubernetes Service (AKS) delivers Kubernetes as a managed service in Azure and is popular among organizations looking for a hassle-free Kubernetes solution in the cloud.

Enterprise Cloud Security 101

Wiz エキスパートチーム

Enterprise cloud security is the comprehensive set of practices, policies, and controls used by organizations to protect their data, applications, and infrastructure in the cloud.

Container Platforms

Wiz エキスパートチーム

A container platform is a comprehensive solution that allows organizations to efficiently create, deploy, and manage containers.

CSPM vs CWPP

Wiz エキスパートチーム

Learn where CSPM and CWPP overlap, where they differ, and which one is right for your organization.

Cloud Management 101

Wiz エキスパートチーム

Cloud management refers to the monitoring, maintenance, and operation of data, apps, and infrastructure hosted on the cloud.

Cloud Governance

Wiz エキスパートチーム

Cloud governance entails the policies, processes, and controls an organization puts in place to ensure the effective and secure management of its cloud resources and services.

What is an Attack Surface?

Wiz エキスパートチーム

An attack surface is refers to all the potential entry points an attacker could exploit to gain unauthorized access to a system, network, or data.

Secure Coding Explained

Secure coding is the practice of developing software that is resistant to security vulnerabilities by applying security best practices, techniques, and tools early in development.

Cloud Security Architecture

Wiz エキスパートチーム

Cloud security architecture is a broad set of principles designed to guide the implementation of security controls, practices, and solutions within a cloud computing environment.

Security Posture Explained

Wiz エキスパートチーム

Security posture is the overall defensive strength of an enterprise’s IT infrastructure, which comprises hardware, software, practices, policies, and personnel.

Types of Cloud Security Tools

Wiz エキスパートチーム

Explore the security roles your tools should cover, then outline the key tool types to help you build your security workflows.

Essential Cloud Security Controls

Wiz エキスパートチーム

Learn to navigate the complexities of cloud security, including the knowledge and tools required to build a robust and proactive defense against ever-evolving cyber threats.

What is KSPM?

Kubernetes Security Posture Management (KSPM) is the practice of monitoring, assessing, and ensuring the security and compliance of Kubernetes environments.

Cloud Native Security

Wiz エキスパートチーム

Cloud native security refers to the practices, tools, and policies that protect cloud native applications and infrastructures.