Cloud security
The cloud offers improved efficiency, flexibility and scalability, but its benefits can be reversed if security isn't top of mind. Read cloud security best practices, including tips on data protection and IaaS, PaaS and SaaS security, as well as cloud-specific tools and services such as CASBs, CWPPs and CSPM.
Top Stories
-
Opinion
06 Dec 2023
How organizations can learn from cloud security breaches
Research shed light on cloud security breaches. It's time to learn from the past and mitigate these attacks in the future with strong cloud security and posture management. Continue Reading
-
Tip
28 Nov 2023
Hybrid cloud connectivity best practices and considerations
Private and public clouds stress networks in different ways and don't always play well together. Here's what to know to set up a cost-effective hybrid cloud network architecture. Continue Reading
-
Tip
11 Dec 2020
Tackle multi-cloud key management challenges with KMaaS
Cloud providers' tools for secrets management are not equipped to solve unique multi-cloud key management challenges. Learn how key management-as-a-service tools can fill the gaps. Continue Reading
-
Tip
09 Dec 2020
How cloud-based SIEM tools benefit SOC teams
It's time for SIEM to enter the cloud age. Learn about the cloud-based SIEM features that can help SOC teams gain a holistic view of their organization's cloud infrastructure. Continue Reading
-
Tip
03 Dec 2020
SASE model drives improved cloud and work-from-home security
Find out how the Secure Access Service Edge model provides increased work-from-home security and cloud access outside of the traditional enterprise data center access model. Continue Reading
-
Feature
30 Nov 2020
How to pass the AWS Certified Security - Specialty exam
Author of 'AWS Certified Security - Specialty Exam Guide' Stuart Scott shares insights on how to prepare for the exam and reap the professional benefits of certification. Continue Reading
-
Feature
30 Nov 2020
Practice AWS Certified Security - Specialty exam questions
Explore the security and compliance capabilities of the AWS Config service to prepare for the wide-ranging AWS Certified Security - Specialty certification exam. Continue Reading
-
Tip
22 Oct 2020
How to build a cloud security operations center
To better protect workloads and data in the cloud, security operations centers collaborate with various IT teams. Learn how to cloud-enable your organization's SOC. Continue Reading
-
Tip
24 Sep 2020
Prevent cloud account hijacking with 3 key strategies
The ability to identify the various methods of cloud account hijacking is key to prevention. Explore three ways to limit potential consequences of cloud credential compromise. Continue Reading
-
Feature
16 Sep 2020
An inside look at the CCSP cloud security cert
Get insights into the Certified Cloud Security Professional cert, cloud infrastructure and platform benefits and risks, and more from the author of a CCSP exam guide. Continue Reading
-
Quiz
16 Sep 2020
Test your cloud security smarts with these CCSP exam questions
Read up on cloud-based BCDR in this excerpt from Chapter 4 of 'CCSP Certified Cloud Security Professional All-in-One Guide,' then quiz yourself to see what you've learned. Continue Reading
-
Quiz
15 Sep 2020
Cloud computing security technology quiz
As companies migrate to the cloud to improve accessibility and scalability, there are many aspects of security to consider. Test your cloud security knowledge with this quiz. Continue Reading
-
Tip
10 Sep 2020
How cloud security posture management protects multi-cloud
Improve control plane security at your organization by integrating a cloud security posture management tool into your existing multi-cloud strategy. Continue Reading
-
Feature
17 Aug 2020
Hands-on guide to S3 bucket penetration testing
Attention AWS pen testers: The trick to understanding the indicators of AWS S3 bucket vulnerabilities is setting up an insecure bucket. Learn how in this actionable guide. Continue Reading
-
Quiz
29 Jul 2020
Cloud security quiz: Application security best practices
Think you know all there is to know about securing apps in the cloud? Test your grasp of cloud application security best practices with this quiz. Continue Reading
-
Feature
28 Jul 2020
The importance of security, data encryption for cloud
As more companies migrate to the cloud, they need to also invest in cybersecurity for their cloud computing, such as through better encryption and authentication tools. Continue Reading
-
Tip
27 Jul 2020
Cloud workload protection platform security benefits, features
VMs and cloud environments make the task of protecting workloads more difficult than ever. Can a cloud workload protection platform help your organization solve the problem? Continue Reading
-
Tip
20 Jul 2020
Follow 3 key steps to improve multi-cloud monitoring
Successful multi-cloud monitoring anticipates security vulnerabilities unique to operating across several environments. Follow these steps to improve multi-cloud security. Continue Reading
-
Feature
17 Jul 2020
How to address and close the cloud security readiness gap
Cloud security readiness remains a shortcoming for companies despite the majority using cloud services. Here are three steps they can take to close the cloud security gap. Continue Reading
-
Tip
09 Jul 2020
Enhance your cloud threat protection with 5 tools, and more
Explore the best tools and tactics; you'll need the most effective arsenal available to counteract the attackers gunning for your cloud-based workloads and apps. Continue Reading
-
Tip
29 Jun 2020
Privacy-preserving machine learning assuages infosec fears
Implementing privacy-preserving machine learning controls, such as federated learning and homomorphic encryption, can address top cloud security and privacy concerns. Learn how. Continue Reading
-
Tip
17 Jun 2020
Istio service mesh security benefits microservices, developers
Learn more about Istio service mesh security features and how the open source technology can enable developers to better run, control and secure a distributed microservices architecture. Continue Reading
-
Feature
20 May 2020
CCSK cert guide author's insights into cloud security credential
The author of a Certificate of Cloud Security Knowledge exam guide offers insights into certifications, top considerations for those pursuing the CCSK and more. Continue Reading
-
Tip
12 May 2020
Comparing single cloud vs. multi-cloud security challenges
A multi-cloud environment is not inherently more secure than a single cloud. Learn how to choose between single cloud vs. multi-cloud for your organization from a security perspective. Continue Reading
-
Feature
08 May 2020
Compare the top cloud-based IoT security platforms to protect devices
IoT security tools can protect widely used computing devices that pose cybersecurity risks in the current remote work era. Explore the leading cloud-based options here. Continue Reading
-
Answer
23 Apr 2020
The differences between web roles and worker roles in Azure
What sets web roles and worker roles apart in Microsoft's Azure Cloud Services? Here's a look at how they are different. Continue Reading
-
Tip
26 Feb 2020
Boost security with a multi-cloud workload placement process
IT must incorporate a multi-cloud workload placement process into its multi-cloud strategy in order to maintain or improve cloud security and cloud operations. Continue Reading
-
Tip
12 Feb 2020
Benefits of cloud data discovery tools and services multiply
With multi-cloud and privacy regulations becoming the new normal, infosec teams need data discovery tools and services to keep up. Learn more about available cloud options. Continue Reading
-
Tip
02 Jan 2020
3 steps to prepare IT operations for multi-cloud
Organizations must ready their IT operations for multi-cloud and the unique security challenges ahead. Equip your IT ops team with the right people and processes to adapt smoothly. Continue Reading
-
Tip
19 Dec 2019
Learn some key cloud workload protection best practices
Learn key practices to protect cloud workloads whether using VMs, endpoints or containers. And don't forget to consider the best means for building a fruitful feedback loop. Continue Reading
-
Feature
13 Nov 2019
Benefits of using Azure Security Center for security assessments
Author Yuri Diogenes discusses how Azure Security Center helps admins achieve full cloud visibility, conduct security assessments and prevent potential breaches. Continue Reading
-
Feature
12 Nov 2019
Use Azure Security Center to conduct a security posture assessment
In this excerpt from Chapter 4 of Microsoft Azure Security Center, the authors outline how to use the software to determine and improve your enterprise's cloud security posture. Continue Reading
-
Tip
28 Oct 2019
5 cloud storage privacy questions to ask potential providers
Data confidentiality in cloud computing is a major enterprise concern, yet providers are often lacking in their details. Here are the questions to ask before adopting a service. Continue Reading
-
Tip
22 Oct 2019
How to address cloud IAM challenges
Cloud services are major players in most companies now and can have a major impact on the management of access and identity governance. Learn how to handle cloud IAM challenges. Continue Reading
-
Tip
07 Oct 2019
How to beef up S3 bucket security to prevent a breach
Security teams have plenty of tools at their disposal to help their organizations achieve and maintain S3 bucket security. Learn about the threats and best practices to stay safe. Continue Reading
-
Tip
06 Sep 2019
How to build and maintain a multi-cloud security strategy
When using multiple cloud service providers, it's critical to consider your enterprise's cloud scope and the specifics of each cloud service to maintain security. Continue Reading
-
Tip
05 Sep 2019
Why CASB tools are crucial to your cloud security
CASB tools have gained traction as cloud security becomes more important. Among other features, a cloud security access broker helps companies pinpoint shadow IT. Continue Reading
-
Tip
19 Aug 2019
How to conduct proper AWS vulnerability scanning in 3 steps
Cloud vulnerability management can be complicated. Learn how to perform AWS vulnerability scans under the shared responsibility model. Continue Reading
-
Feature
15 Aug 2019
Research shows cloud security vulnerabilities grow
Recent research shows the number of cloud security incidents are growing. Here are the biggest contributors to the complicated cloud threat landscape facing modern enterprises. Continue Reading
-
Tip
08 Aug 2019
4 necessary steps to evaluate public cloud security
The Capital One hack raised questions about public cloud security. Take these four steps to ensure your data is protected. Continue Reading
-
Answer
26 Jul 2019
What's the best way to approach multi-cloud security?
Multi-cloud security can be challenging, but new tools promise to ease some of the problems associated with managing resources across multiple CSPs. Continue Reading
-
Tip
18 Jul 2019
CASB market dynamics, from a customer perspective
The CASB market is changing. Learn how the fluctuating threat landscape has led to a use case evolution and operational changes for the CASB in the enterprise. Continue Reading
-
Guide
27 Jun 2019
Everything you need to know about multi-cloud security
Make multi-cloud security a reality in your organization with these tips and strategies from industry experts as you implement more cloud platforms. Continue Reading
-
Tip
26 Jun 2019
The CISO's guide to Kubernetes security and deployment
Container orchestration platform Kubernetes provides tools needed to deploy scalable applications with efficiency. Learn what steps CISOs must take to secure a Kubernetes environment. Continue Reading
-
Feature
21 Jun 2019
As cloud complexities increase, cybersecurity skills gap worsens
Concerns about the lack of security expertise persist, according to respondents in a new CSA survey of IT and security professionals on complexities within native cloud, hybrid and multi-cloud environments. Continue Reading
-
Guide
30 May 2019
How best to secure cloud computing in this critical era
Achieving cloud security today demands you continually update your strategy, policy, tactics and tools. This collection of expert advice helps keep your cloud defenses well-tuned. Continue Reading
-
Tip
15 May 2019
3 best practices for cloud security monitoring
Cloud security monitoring can be laborious to set up, but organizations can make it easier. Learn about three best practices for cloud security monitoring and the available tools. Continue Reading
-
Tip
13 May 2019
Why centralization in a multi-cloud security strategy is key
When moving to a multi-cloud infrastructure, there are a few strategies to keep in mind. Learn how centralization will limit the challenges of fragmented security access and monitor controls. Continue Reading
-
Feature
07 May 2019
The risks of multi-cloud security compared to single cloud
Single-cloud architecture poses some challenges, which has led to a new trend in adopting multi-cloud designs. Discover whether multi-cloud is right for your enterprise. Continue Reading
-
Opinion
01 May 2019
The top cloud security challenges are 'people problems'
Cloud security begins at home. Considering the human factor in cybersecurity is step one when it comes to addressing how to keep critical assets safe in the cloud. Continue Reading
-
Tip
26 Apr 2019
How infrastructure as code tools improve visibility
Visibility into cloud infrastructures and applications is important for data security. Learn how to maintain that visibility while using infrastructure as code tools. Continue Reading
-
Feature
24 Apr 2019
Words to go: Multi-cloud security strategy
For many enterprises, implementing multi-cloud security is complicated. Here's a breakdown of the must-know multi-cloud terms for organizations setting up this type of deployment. Continue Reading
-
Tip
22 Apr 2019
The security benefits of using infrastructure as code
Infrastructure as code bolsters security and ensures security best practices are built into software development. Learn more about the use of infrastructure-as-code models. Continue Reading
-
Tip
14 Mar 2019
Container security awareness, planning required as threats persist
As container security vulnerabilities continue to emerge, companies should plan ahead and have strategies ready to defend against looming segmentation failures. Continue Reading
-
Tip
30 Jan 2019
How to build a cloud security strategy after migration
Enterprises can face an array of issues when they migrate to the cloud. Learn about three of the main challenges and how to effectively create a cloud security strategy. Continue Reading
-
Tip
16 Jan 2019
How unsecured Firebase databases put critical data at risk
Unsecured Google Firebase databases are similar to misconfigured AWS S3 buckets, but there are key differences. Expert Rob Shapland discusses the risks of unsecured cloud databases. Continue Reading
-
Tip
09 Jan 2019
How to block public access for AWS S3 bucket security
AWS S3 buckets leaked millions of files, including sensitive data, by enabling public access. Learn how to block public access with expert David Shackleford. Continue Reading
-
Tip
26 Dec 2018
How to apply cloud security controls in the network
Implementing cloud security controls in the network requires a careful balance between protecting points of connectivity while still making it easy for users to access services. Continue Reading
-
Tip
28 Nov 2018
How Google's cloud data deletion process can influence security policies
Understanding the process behind Google's cloud data deletion can help influence stronger enterprise security policies. Expert Ed Moyle explains the process and how to use it. Continue Reading
-
Tip
14 Nov 2018
How the Microsoft Authenticator app integrates with Azure AD
Microsoft expanded the Microsoft Authenticator app to integrate with tens of thousands of Azure AD apps. Expert Dave Shackleford explains how this tool is improving security. Continue Reading
-
Tip
03 Oct 2018
How to collect open source threat intelligence in the cloud
Threat intelligence analysis can be challenging and expensive for enterprises. Expert Frank Siemons explains how open source threat intelligence can simplify the process. Continue Reading
-
Quiz
26 Sep 2018
How do cloud deployment models affect IT operations?
Security plays a vital role in cloud operations. Test your knowledge of important concepts covered in Domain 5 of the CCSP exam, “Operations,” with this practice quiz. Continue Reading
-
Tip
22 Aug 2018
Why container orchestration platforms risk data exposure
Container orchestration platforms expose interfaces and create the risk of data exposure and unauthorized access. Expert Dave Shackleford explains why these risks exist in enterprises. Continue Reading
-
Tip
08 Aug 2018
How online malware collection aids threat intelligence
Threat intelligence can facilitate cloud-based malware collection, which has value for enterprise cybersecurity. Expert Frank Siemons discusses collecting and analyzing malware. Continue Reading
-
Tip
18 Jul 2018
The risks of container image repositories compared to GitHub
As container use rises, so does the use of container image repositories. Expert Dave Shackleford discusses the risks associated with them and how they compare to other registries. Continue Reading
-
Tip
29 Jun 2018
How to use Packetbeat to monitor Docker container traffic
Docker containers can help secure cloud applications, but malicious traffic can still move to and from those containers on a network. Dejan Lukan explains how to use Packetbeat to monitor such threats. Continue Reading
-
Tip
20 Jun 2018
How to secure cloud buckets for safer storage
Cloud buckets that enterprises use for storage can provide security benefits, but they also come with some risks. Expert Frank Siemons discusses the risks and how to mitigate them. Continue Reading
-
Tip
30 May 2018
Cloud endpoint security: Balance the risks with the rewards
While cloud endpoint security products, such as antivirus software, provide users with many benefits, the cloud connection also introduces risks. Expert Frank Siemons explains. Continue Reading
-
Quiz
29 May 2018
Reviewing cloud data protection measures: CCSP Domain 2
This practice quiz will assess your understanding of key concepts in Domain 2 of the CCSP exam. This part of the test covers cloud data security strategies, technologies and more. Continue Reading
-
Tip
09 May 2018
How a cloud backdoor poses a threat to the enterprise
Cloud backdoors pose a rising threat to enterprises, according to new research. Expert Ed Moyle explains what a cloud backdoor is and what mitigation options are available. Continue Reading
-
Quiz
30 Apr 2018
CCSP Practice Exam and Study Guides
Studying for, obtaining and maintaining your CCSP® certification has now become more convenient with SearchCloudSecurity.com. Continue Reading
-
Feature
03 Apr 2018
AWS S3 bucket security falls short at high-profile companies
Everyone is putting their data in the cloud, from IT staff to department heads. With functionality galore, basic security measures too often go unchecked. Continue Reading
-
Tip
07 Mar 2018
What the Azure AD Connect vulnerability can teach enterprises
Enterprises should learn from a Microsoft Azure AD Connect vulnerability that security requires a hands-on approach. Expert Rob Shapland takes a closer look at the permissions flaw. Continue Reading
-
Answer
27 Feb 2018
How does the Amazon GuardDuty threat detection service work?
At the 2017 re:Invent conference, Amazon announced their latest threat detection product: Amazon GuardDuty. Learn how this service works and what sets it apart from other products. Continue Reading
-
Blog Post
30 Nov 2017
The CASB market is (nearly) gone but not forgotten
A series of acquisitions have drastically reduced the number of stand-alone cloud access security brokers and reshaped the CASB market for years to come. Continue Reading
-
Tip
20 Sep 2017
How attackers can intercept iCloud Keychain data
A verification flaw in the synchronization service of iCloud Keychain enables attackers to intercept the data it transfers. Expert Frank Siemons explains what to do about it. Continue Reading
-
Answer
31 Mar 2017
Google Cloud KMS: What are the security benefits?
Google Cloud KMS is a new encryption key management service available for Google customers. Expert Matthew Pascucci discusses how this service works and its security benefits. Continue Reading
-
Tip
21 Dec 2016
VM isolation technique considerations for enterprises
VM isolation techniques are good strategies to prevent infections from spreading to the entire cloud environment. Ed Moyle explains what enterprises need to know about isolation. Continue Reading
-
Tip
09 Feb 2016
Breaking down the risks of VM escapes
The Xen hypervisor flaw highlighted the risks of VM escapes, but expert Ed Moyle explains why the flaw should serve as a warning for virtual containers as well. Continue Reading
-
Answer
13 Aug 2015
Our AWS encryption keys were exposed accidentally -- now what?
Exposing encryption keys is never a good thing, but knowing the steps to take after such an incident can help limit damage to an enterprise. Expert Dan Sullivan explains. Continue Reading
-
Tip
31 May 2013
Amazon S3 encryption overview: How to secure data in the Amazon cloud
Learn details for employing Amazon S3 encryption features. Expert Dave Shackleford compares S3 encryption to other cloud provider offerings. Continue Reading