Cloud security

The cloud offers improved efficiency, flexibility and scalability, but its benefits can be reversed if security isn't top of mind. Read cloud security best practices, including tips on data protection and IaaS, PaaS and SaaS security, as well as cloud-specific tools and services such as CASBs, CWPPs and CSPM.

Top Stories

Tip 15 Jul 2025
What is cybersecurity mesh? Key applications and benefits

Is it time to consider a different approach to security architecture? Cybersecurity mesh might be an effective way to address complex, distributed environments. Continue Reading
By
- Ed Moyle, SecurityCurve
Tip 07 Jul 2025
The cloud's role in PQC migration

Even though Q-Day might be several years away, enterprises should develop a strategic plan to prepare for the future. Experts share what challenges lie ahead with PQC migration. Continue Reading
By
- George Lawton

Tip 18 Jul 2018
The risks of container image repositories compared to GitHub

As container use rises, so does the use of container image repositories. Expert Dave Shackleford discusses the risks associated with them and how they compare to other registries. Continue Reading
By
- Dave Shackleford, Voodoo Security
Tip 29 Jun 2018
How to use Packetbeat to monitor Docker container traffic

Docker containers can help secure cloud applications, but malicious traffic can still move to and from those containers on a network. Dejan Lukan explains how to use Packetbeat to monitor such threats. Continue Reading
By
- Dejan Lukan, Protean Security
Tip 20 Jun 2018
How to secure cloud buckets for safer storage

Cloud buckets that enterprises use for storage can provide security benefits, but they also come with some risks. Expert Frank Siemons discusses the risks and how to mitigate them. Continue Reading
By
- Frank Siemons, RedSec
Tip 30 May 2018
Cloud endpoint security: Balance the risks with the rewards

While cloud endpoint security products, such as antivirus software, provide users with many benefits, the cloud connection also introduces risks. Expert Frank Siemons explains. Continue Reading
By
- Frank Siemons, RedSec
Quiz 29 May 2018
Reviewing cloud data protection measures: CCSP Domain 2

This practice quiz will assess your understanding of key concepts in Domain 2 of the CCSP exam. This part of the test covers cloud data security strategies, technologies and more. Continue Reading
By
- (ISC) 2
Tip 09 May 2018
How a cloud backdoor poses a threat to the enterprise

Cloud backdoors pose a rising threat to enterprises, according to new research. Expert Ed Moyle explains what a cloud backdoor is and what mitigation options are available. Continue Reading
By
- Ed Moyle, SecurityCurve
Quiz 30 Apr 2018

CCSP Practice Exam and Study Guides

Studying for, obtaining and maintaining your CCSP® certification has now become more convenient with SearchCloudSecurity.com. Continue Reading
Feature 03 Apr 2018
AWS S3 bucket security falls short at high-profile companies

Everyone is putting their data in the cloud, from IT staff to department heads. With functionality galore, basic security measures too often go unchecked. Continue Reading
By
- Kathleen Richards
Tip 07 Mar 2018
What the Azure AD Connect vulnerability can teach enterprises

Enterprises should learn from a Microsoft Azure AD Connect vulnerability that security requires a hands-on approach. Expert Rob Shapland takes a closer look at the permissions flaw. Continue Reading
By
- Rob Shapland
Answer 27 Feb 2018
How does the Amazon GuardDuty threat detection service work?

At the 2017 re:Invent conference, Amazon announced their latest threat detection product: Amazon GuardDuty. Learn how this service works and what sets it apart from other products. Continue Reading
By
- Matthew Pascucci
Blog Post 30 Nov 2017
The CASB market is (nearly) gone but not forgotten

A series of acquisitions have drastically reduced the number of stand-alone cloud access security brokers and reshaped the CASB market for years to come. Continue Reading
By
- Rob Wright, Senior News Director
Tip 20 Sep 2017
How attackers can intercept iCloud Keychain data

A verification flaw in the synchronization service of iCloud Keychain enables attackers to intercept the data it transfers. Expert Frank Siemons explains what to do about it. Continue Reading
By
- Frank Siemons, RedSec
Definition 31 Aug 2017
Google Cloud Key Management Service (KMS)

Google Cloud Key Management Service (KMS) is a cloud service for managing encryption keys for other Google cloud services that enterprises can use to implement cryptographic functions. Continue Reading
By
- Madelyn Bacon, TechTarget
Answer 31 Mar 2017
Google Cloud KMS: What are the security benefits?

Google Cloud KMS is a new encryption key management service available for Google customers. Expert Matthew Pascucci discusses how this service works and its security benefits. Continue Reading
By
- Matthew Pascucci
Tip 21 Dec 2016
VM isolation technique considerations for enterprises

VM isolation techniques are good strategies to prevent infections from spreading to the entire cloud environment. Ed Moyle explains what enterprises need to know about isolation. Continue Reading
By
- Ed Moyle, SecurityCurve
Tip 09 Feb 2016
Breaking down the risks of VM escapes

The Xen hypervisor flaw highlighted the risks of VM escapes, but expert Ed Moyle explains why the flaw should serve as a warning for virtual containers as well. Continue Reading
By
- Ed Moyle, SecurityCurve
Answer 13 Aug 2015
Our AWS encryption keys were exposed accidentally -- now what?

Exposing encryption keys is never a good thing, but knowing the steps to take after such an incident can help limit damage to an enterprise. Expert Dan Sullivan explains. Continue Reading
By
- Dan Sullivan
Tip 31 May 2013
Amazon S3 encryption overview: How to secure data in the Amazon cloud

Learn details for employing Amazon S3 encryption features. Expert Dave Shackleford compares S3 encryption to other cloud provider offerings. Continue Reading
By
- Dave Shackleford, Voodoo Security