Cloud security is a collection of tools, policies, technologies and methods that are used to protect the resources or the services that are hosted on the cloud providers like Azure, AWS and GCP.
Why cloud security is important?
As there are more and more cloud providers emerging to provides and there are many consumers who are readily willing to use the services, we need to be careful that we are protecting our cloud infrastructure and application from the externaml and internal threats. Some of the common practices of the ways in which we can secure our cloud infrastructure and application is given below:
IAM controls – IAM controls are the one of the components that are part of AWS cloud and are use to secure the access and authorization of the end users on the AWS resources. They form the first line of defense for securing cloud infrastructure on AWS cloud
Monitoring – Monitoring plays a vital role on identifying and creating alerts if it finds some abnormality on the unusual behavior of the cloud infrastructure that is being used. Having a support team to monitor the cloud infrastructure and application code 24*7 is one of the most important aspects of monitoring.
DAST – DAST stands for dynamic application security testing, it is a method where we test the application for the attacks such as DDOS, penetration testing any more more. We need a application url which can then be configured in some tools such as Kali linux and more.
SAST – Sast stands for static code analysis which is done to make sure that we are not having any bugs and following the best practices. SAST helps us in determining the code coverage and helps us in identifying if there are any credentials that have been checked into the code. One of the most popul;ar tools for SAST scans are Sonarqube which supports scanning code for multiple programming languages like python, donet, java etc.