Cloud security

The cloud offers improved efficiency, flexibility and scalability, but its benefits can be reversed if security isn't top of mind. Read cloud security best practices, including tips on data protection and IaaS, PaaS and SaaS security, as well as cloud-specific tools and services such as CASBs, CWPPs and CSPM.

Top Stories

Tip 27 Aug 2025
Compare Azure Government vs. Azure's commercial cloud

Microsoft's Azure Government and global cloud offerings serve different customers and have different compliance requirements. See how they compare to make the right choice. Continue Reading
By
- Chris Tozzi
Tip 11 Aug 2025
A practical guide to PATs in Azure DevOps

In the rapidly evolving DevOps landscape, understanding how and when to use PATs empowers users to build flexible, secure and reliable automation strategies. Continue Reading
By
- Stuart Burns

Tip 03 Oct 2018
How to collect open source threat intelligence in the cloud

Threat intelligence analysis can be challenging and expensive for enterprises. Expert Frank Siemons explains how open source threat intelligence can simplify the process. Continue Reading
By
- Frank Siemons, RedSec
Quiz 26 Sep 2018
How do cloud deployment models affect IT operations?

Security plays a vital role in cloud operations. Test your knowledge of important concepts covered in Domain 5 of the CCSP exam, “Operations,” with this practice quiz. Continue Reading
By
- (ISC) 2
Tip 22 Aug 2018
Why container orchestration platforms risk data exposure

Container orchestration platforms expose interfaces and create the risk of data exposure and unauthorized access. Expert Dave Shackleford explains why these risks exist in enterprises. Continue Reading
By
- Dave Shackleford, Voodoo Security
Tip 08 Aug 2018
How online malware collection aids threat intelligence

Threat intelligence can facilitate cloud-based malware collection, which has value for enterprise cybersecurity. Expert Frank Siemons discusses collecting and analyzing malware. Continue Reading
By
- Frank Siemons, RedSec
Tip 18 Jul 2018
The risks of container image repositories compared to GitHub

As container use rises, so does the use of container image repositories. Expert Dave Shackleford discusses the risks associated with them and how they compare to other registries. Continue Reading
By
- Dave Shackleford, Voodoo Security
Tip 29 Jun 2018
How to use Packetbeat to monitor Docker container traffic

Docker containers can help secure cloud applications, but malicious traffic can still move to and from those containers on a network. Dejan Lukan explains how to use Packetbeat to monitor such threats. Continue Reading
By
- Dejan Lukan, Protean Security
Tip 20 Jun 2018
How to secure cloud buckets for safer storage

Cloud buckets that enterprises use for storage can provide security benefits, but they also come with some risks. Expert Frank Siemons discusses the risks and how to mitigate them. Continue Reading
By
- Frank Siemons, RedSec
Tip 30 May 2018
Cloud endpoint security: Balance the risks with the rewards

While cloud endpoint security products, such as antivirus software, provide users with many benefits, the cloud connection also introduces risks. Expert Frank Siemons explains. Continue Reading
By
- Frank Siemons, RedSec
Quiz 29 May 2018
Reviewing cloud data protection measures: CCSP Domain 2

This practice quiz will assess your understanding of key concepts in Domain 2 of the CCSP exam. This part of the test covers cloud data security strategies, technologies and more. Continue Reading
By
- (ISC) 2
Tip 09 May 2018
How a cloud backdoor poses a threat to the enterprise

Cloud backdoors pose a rising threat to enterprises, according to new research. Expert Ed Moyle explains what a cloud backdoor is and what mitigation options are available. Continue Reading
By
- Ed Moyle, SecurityCurve
Quiz 30 Apr 2018

CCSP Practice Exam and Study Guides

Studying for, obtaining and maintaining your CCSP® certification has now become more convenient with SearchCloudSecurity.com. Continue Reading
Feature 03 Apr 2018
AWS S3 bucket security falls short at high-profile companies

Everyone is putting their data in the cloud, from IT staff to department heads. With functionality galore, basic security measures too often go unchecked. Continue Reading
By
- Kathleen Richards
Tip 07 Mar 2018
What the Azure AD Connect vulnerability can teach enterprises

Enterprises should learn from a Microsoft Azure AD Connect vulnerability that security requires a hands-on approach. Expert Rob Shapland takes a closer look at the permissions flaw. Continue Reading
By
- Rob Shapland
Answer 27 Feb 2018
How does the Amazon GuardDuty threat detection service work?

At the 2017 re:Invent conference, Amazon announced their latest threat detection product: Amazon GuardDuty. Learn how this service works and what sets it apart from other products. Continue Reading
By
- Matthew Pascucci
Blog Post 30 Nov 2017
The CASB market is (nearly) gone but not forgotten

A series of acquisitions have drastically reduced the number of stand-alone cloud access security brokers and reshaped the CASB market for years to come. Continue Reading
By
- Rob Wright, Senior News Director, Dark Reading
Tip 20 Sep 2017
How attackers can intercept iCloud Keychain data

A verification flaw in the synchronization service of iCloud Keychain enables attackers to intercept the data it transfers. Expert Frank Siemons explains what to do about it. Continue Reading
By
- Frank Siemons, RedSec
Definition 31 Aug 2017
Google Cloud Key Management Service (KMS)

Google Cloud Key Management Service (KMS) is a cloud service for managing encryption keys for other Google cloud services that enterprises can use to implement cryptographic functions. Continue Reading
By
- Madelyn Bacon, TechTarget
Answer 31 Mar 2017
Google Cloud KMS: What are the security benefits?

Google Cloud KMS is a new encryption key management service available for Google customers. Expert Matthew Pascucci discusses how this service works and its security benefits. Continue Reading
By
- Matthew Pascucci
Tip 21 Dec 2016
VM isolation technique considerations for enterprises

VM isolation techniques are good strategies to prevent infections from spreading to the entire cloud environment. Ed Moyle explains what enterprises need to know about isolation. Continue Reading
By
- Ed Moyle, SecurityCurve
Tip 09 Feb 2016
Breaking down the risks of VM escapes

The Xen hypervisor flaw highlighted the risks of VM escapes, but expert Ed Moyle explains why the flaw should serve as a warning for virtual containers as well. Continue Reading
By
- Ed Moyle, SecurityCurve
Answer 13 Aug 2015
Our AWS encryption keys were exposed accidentally -- now what?

Exposing encryption keys is never a good thing, but knowing the steps to take after such an incident can help limit damage to an enterprise. Expert Dan Sullivan explains. Continue Reading
By
- Dan Sullivan
Tip 31 May 2013
Amazon S3 encryption overview: How to secure data in the Amazon cloud

Learn details for employing Amazon S3 encryption features. Expert Dave Shackleford compares S3 encryption to other cloud provider offerings. Continue Reading
By
- Dave Shackleford, Voodoo Security