Skip to content

Cloud Security

Cloud Foundations

This is a great overview of AWS's "Cloud Foundations

Cloud foundations

Cloud security ressources

A great place that sum-up useful knowledgebases here

Awesome cloud security ressources here

Cloud CSPM products

Cloud Security Posture Managementis a class of security tools as defined by Gartner include use cases for infrastructure compliance monitoring, DevOps integration, incident response, risk assessment, and risk visualization.

Product CSP support, remarks Link
Divvy Cloud AWS, Azure, GCP, Alibaba, Kubernetes https://divvycloud.com
Cloud Custodian AWS, Azure, GCP. Open Source, good community https://cloudcustodian.io
Palto Alto Prisma Cloud (Redlock) AWS, Azure, GCP, Alibaba, Kubernetes, Doker, IBM Cloud https://www.paloaltonetworks.com/prisma/cloud
Netflix Security Monkey AWS, GCP. End of life 2020 https://github.com/Netflix/security_monkey
TurBot AWS, Azure, GCP https://turbot.com
DisruptOps ? https://disruptops.com
CheckPoint CloudGuard Dome9 AWS, Azure, GCP. Some remediations focused primarily on network and IAM https://dome9.com
Aqua CloudSploit AWS, Azure, GCP, Oracle Cloud https://cloudsploit.com
Trend Micro Cloud Conformity AWS, (Azure) https://www.cloudconformity.com
Fugue AWS, Azure https://www.fugue.co
OpenCSPM ? https://github.com/OpenCSPM/opencspm
Wiz AWS, Azure, GCP https://www.wiz.io

Cloud security posture

What to look for when reviewing a company's infrastructure. Very interisting article on how to understand and asses your cloud infrastructure in order to design a cloud security roadmap here

A list of question while reviewing the security architecture of a multi-cloud SaaS company here

Very interisting blog with Cloud security topics (Kubernetes, docker image security, aws, azure, GCP, etc) here

How to define a Cloud security roadmap here and here

How to mitigate cloud vulnerabilities by NSA here

Modern Cloud Governance with a well balanced security / Cost and Business value here

Cloud open source tools

RESTler is the first stateful REST API fuzzing tool for automatically testing cloud services through their REST APIs and finding security and reliability bugs in these services. here

Maturity matrice

The infographic feature high-level patterns for mapping your company’s technical and strategic transformation.

Cloud security maturity matrice

This page lists security mistakes by cloud service providers (AWS, GCP, and Azure). These are public mistakes on the cloud providers' side of the shared responsibility model here

FinOps

Great eBook that explains the basics of FinOps Whitepaper From FinOps to proven cloud cost management & optimization strategies here

Great tool for cost estimation based on terraform and can be integrated in CI/CD pipeline here

Network

Good practices on how to segregate a network in Cloud environment here

Whitepapers

A bench of whitepapers from SANS institute here

Why IAM is a key component in cloud, and what are the threats here

Awareness

This article explains how to create a proactive security & engineering culture with awareness strategy here

Hack the cloud

Hacking the cloud is an encyclopedia of the attacks/tactics/techniques that offensive security professionals can use on their next cloud exploitation adventure. The goal is to share this knowledge with the security community to better defend cloud native technologies. here

A free pentesting Learning platform. here

Threat & risks in the cloud

Top 11 of threats in the cloud in 2022 here

Cloud vulnerabilities

This page is a complete database for all Cloud vulnerabilities here

Zero trust

An road map to zero trust architecture here

IAM

Visualizing Multi Cloud IAM Concepts here