Search icon CANCEL
Subscription
0
Cart icon
Your Cart (0 item)
Close icon
You have no products in your basket yet
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Conferences
Free Learning
Arrow right icon
Arrow up icon
GO TO TOP
Mastering Cloud Security Posture Management (CSPM)

You're reading from   Mastering Cloud Security Posture Management (CSPM) Secure multi-cloud infrastructure across AWS, Azure, and Google Cloud using proven techniques

Arrow left icon
Product type Paperback
Published in Jan 2024
Publisher Packt
ISBN-13 9781837638406
Length 472 pages
Edition 1st Edition
Tools
Arrow right icon
Author (1):
Arrow left icon
Qamar Nomani Qamar Nomani
Author Profile Icon Qamar Nomani
Qamar Nomani
Arrow right icon
View More author details
Toc

Table of Contents (26) Chapters Close

Preface 1. Part 1:CSPM Fundamentals
2. Chapter 1: Cloud Security Fundamentals FREE CHAPTER 3. Chapter 2: Understanding CSPM and the Threat Landscape 4. Chapter 3: CSPM Tools and Features 5. Chapter 4: CSPM Tool Selection 6. Part 2: CSPM Deployment Aspects
7. Chapter 5: Deploying the CSPM Tool 8. Chapter 6: Onboarding Cloud Accounts 9. Chapter 7: Onboarding Containers 10. Chapter 8: Exploring Environment Settings 11. Part 3: Security Posture Enhancement
12. Chapter 9: Exploring Cloud Asset Inventory 13. Chapter 10: Reviewing CSPM Dashboards 14. Chapter 11: Major Configuration Risks 15. Chapter 12: Investigating Threats with Query Explorers and KQL 16. Chapter 13: Vulnerability and Patch Management 17. Chapter 14: Compliance Management and Governance 18. Chapter 15: Security Alerts and Monitoring 19. Part 4: Advanced Topics and Future Trends
20. Chapter 16: Integrating CSPM with IaC 21. Chapter 17: DevSecOps – Workflow Automation 22. Chapter 18: CSPM-Related Technologies 23. Chapter 19: Future Trends and Challenges 24. Index 25. Other Books You May Enjoy

What is cloud security?

Cloud security refers to the set of practices, technologies, policies, and measures designed to safeguard data, applications, and infrastructure in cloud environments. Security in clouds is crucial because it addresses the unique security challenges and risks associated with cloud computing, which includes services such as IaaS, PaaS, and SaaS.

Important note

Gartner reports (https://www.gartner.com/en/newsroom/press-releases/2021-11-10-gartner-says-cloud-will-be-the-centerpiece-of-new-digital-experiences) that 99% of cloud breaches are traced back to preventable misconfigurations or mistakes by cloud customers.

It is evident that cloud computing services bring some overriding concerns too, and most of them can be prevented if they are configured correctly. This includes network and system misconfigurations, IAM misconfigurations, and accidental exposure of resources. We will read more about major configuration risks in Chapter 11, but some of them are explained in the following subsection.

Security concerns with the public cloud

There are several overriding concerns associated with cloud computing that organizations should be aware of:

  • Unauthorized access: Public cloud services can be vulnerable to unauthorized access, which can lead to data breaches and the exposure of sensitive information.
  • Insider threats: Cloud providers have access to users’ data, which means that insider threats can pose a risk to security.
  • Data loss: Public cloud services can suffer from data loss, which can occur due to hardware failures or other technical issues:
Figure 1.2 – Cloud security concerns

Figure 1.2 – Cloud security concerns

  • Compliance issues: Public cloud services may not always meet regulatory and compliance requirements for data storage and security.
  • Multi-tenancy risks: Public cloud services are often multi-tenant, which means that multiple users share the same physical infrastructure. This can increase the risk of data leakage or unauthorized access if they’re not managed properly.
  • Vulnerabilities in third-party tools: Public cloud services often rely on third-party tools and vendors, which can create vulnerabilities if these vendors are not properly vetted or have weak security measures in place.
  • Lack of control: Public cloud services are managed by the cloud provider, which means that users have limited control over the security measures that are implemented.
  • DDoS attacks: Public cloud services can be vulnerable to distributed denial of service (DDoS) attacks, which can disrupt service availability.
  • Data breaches through APIs: Public cloud services often use APIs to enable integration with other systems, which can create vulnerabilities if these APIs are not secured properly.
  • Data exposure through misconfigured services: Public cloud services can be vulnerable to data exposure if services are misconfigured, or access controls have not been set up properly.

It is important to understand these risks and take appropriate measures to mitigate them, such as implementing strong authentication and access controls, regularly monitoring and auditing activity, and using encryption to protect sensitive data. It is also important to work with reputable cloud providers who have a strong track record for security and compliance, be aware of the overriding concerns, and take steps to mitigate these risks through careful planning, risk assessment, and ongoing monitoring and management.

Now that you understand cloud computing and the security concerns around it, let us learn about the shared responsibility model.

You have been reading a chapter from
Mastering Cloud Security Posture Management (CSPM)
Published in: Jan 2024
Publisher: Packt
ISBN-13: 9781837638406
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Renews at $19.99/month. Cancel anytime
Banner background image