CloudSec Academy
CloudSec Academy へようこそ。クラウドセキュリティの頭字語と業界用語のアルファベットスープをナビゲートするためのガイドです。 明確で簡潔、かつ専門的に作成されたコンテンツで、基本的なことからベストプラクティスまでをカバーします。
SOC Framework for the cloud era: A modern guide for security teams
A security operations center (SOC) framework defines how an organization detects, investigates, and responds to threats. A SOC framework isn’t just a policy doc. It’s the people, processes, and technologies that keep threats in check—now redesigned for cloud speed and scale.
Cloud Entitlement Management: How to reduce identity risk with context
Cloud entitlements are access and administrative privileges that define what resources users can access and how they can interact with those resources.
Incident Response Plans: Creation, Implementation, and Best Practices
An incident response plan (IRP) is a detailed framework that provides clear, step-by-step guidelines to detect, contain, eradicate, and recover from security incidents.
Top OSS Incident Response Tools
Open-source software (OSS) incident response (IR) tools are publicly available tools enterprises use to effectively manage and respond to numerous security threats.
コードセキュリティ (Code Security)
コードセキュリティは、セキュアコーディングとも呼ばれ、アプリケーションやシステム用に記述されたコードが脆弱性や脅威から保護されるように設計されたプラクティス、方法論、およびツールを指します。
The Open-Source Code Security Tool Roundup
Wiz エキスパートチーム
This article will give you a refresher on code security and review the most popular open-source code security tools available.
AKS Security Best Practices
Azure Kubernetes Service (AKS) delivers Kubernetes as a managed service in Azure and is popular among organizations looking for a hassle-free Kubernetes solution in the cloud.
プロンプトインジェクション攻撃とは? [Prompt Injection Attack]
プロンプトインジェクション攻撃は、攻撃者が自然言語処理(NLP)システムの入力プロンプトを操作してシステムの出力に影響を与えるAIセキュリティの脅威です。
Data Leakage:リスク、原因、防止
データ漏洩とは、組織データが第三者に対して野放しに持ち出されることです。 これは、データベースの設定ミス、ネットワークサーバーの保護が不十分な、フィッシング攻撃、さらには不注意なデータ処理など、さまざまな手段で発生します。
EC2 Cloud Cost Optimization: Strategies to Reduce Amazon EC2 Spend
Cloud cost optimization is the continuous practice of making sure you’re only paying for the compute resources you actually need. It's about matching the supply of your instances to the real-time demand of your workloads, selecting the right pricing models, and ruthlessly eliminating waste.
Cloud Cost Optimization: Reduce Spend in 2025
Cloud cost optimization is the systematic practice of reducing cloud spend while improving cloud efficiency through enhanced visibility, resource rightsizing, workload automation, and team accountability.
Top Vulnerability Management Solutions in 2025
Wiz エキスパートチーム
Modern vulnerability management is evolving into Unified Vulnerability Management (UVM)—a single approach that connects all scanners, adds cloud context, and turns scattered findings into prioritized, fixable risks.
ChatGPT Security for Enterprises: Risks and Best Practices
ChatGPT security is the process of protecting an organization from the compliance, brand image, customer experience, and general safety risks that ChatGPT introduces into applications.
Navigating Incident Response Frameworks: A Fast-Track Guide
Wiz エキスパートチーム
An incident response framework is a blueprint that helps organizations deal with security incidents in a structured and efficient way. It outlines the steps to take before, during, and after an incident, and assigns roles and responsibilities to different team members.
Top CrowdStrike Alternatives & Competitors in 2025
This guide provides a straightforward comparison between CrowdStrike’s security offerings and other cybersecurity tools in the marketplace.
What is Cyber Asset Attack Surface Management (CAASM)?
Cyber asset attack surface management (CAASM) is a security practice that gives teams unified visibility and control over all enterprise assets—cloud, SaaS, on-prem, and beyond. It helps eliminate blind spots and reduce risk by correlating asset data from across your environment and tools. CAASM enables teams to query, prioritize, and act from a single source of truth.
Implementing NIST Incident Response in the Cloud Era
Wiz エキスパートチーム
This article explores the NIST IR model and capabilities to look out for when choosing IR tools to support NIST SP 800-61 Rev. 2 implementation.
脆弱性スキャン (Vulnerability Scanning)
Wiz エキスパートチーム
脆弱性スキャンは、ITシステム、ネットワーク、およびソフトウェアのセキュリティ上の欠陥を検出して評価するプロセスです。
Malware Scanning in the Cloud: Everything You Need to Know
Wiz エキスパートチーム
Malware scanning is the process of inspecting files, systems, and cloud resources for signs of malicious software—before it causes damage.
Data Poisoning: Current Trends and Recommended Defense Strategies
Wiz エキスパートチーム
Data poisoning threatens the cloud, especially when 70% of cloud environments use AI services. Learn about the top threats and how to protect your organization.
7 Best Incident Response Plan Templates for Security Teams
Wiz エキスパートチーム
Access top incident response plan templates for your security team, find out which are cloud native, and learn how you can respond faster to minimize damage.
What is Attack Surface Analysis?
Wiz エキスパートチーム
Attack surface analysis is a cybersecurity practice that identifies and evaluates all potential access points, external and internal, that an attacker could exploit.
On-Premise vs. Cloud Security
Wiz エキスパートチーム
Let's compare on-premises and cloud security, examine their differences, and explore key cloud-specific security concepts to help you choose the best approaches to security for your entire organization.