| Follow @lancinimarco | Subscribe to CloudSecList

Cloud Security Strategies

A collection of articles providing actionable advice for anyone looking to establish a cloud security program aimed at protecting cloud native offerings.

For a summarised view of the full list of controls/questions/advice contained in the articles, you can refer to the companion micro-website: https://roadmap.cloudsecdocs.com/

This is the high-level outline of the different sections:

Some actionable advice that can be undertaken to establish a cloud security program aimed at protecting a cloud native, service provider agnostic, container-based, offering.

    • The Goal: a Roadmap for Cloud Security Teams
    • The North Star
      • Identify
      • Protect
      • Detect
      • Respond
      • Recover
    • Building the Roadmap
      • Domains
      • Controls
        • Maturity Level 1 - The foundations
        • Maturity Level 2
        • Maturity Level 3
        • Maturity Level 4
        • Maturity Level 5
      • Tasks
      • Putting all Together: The Roadmap

A comprehensive guide that provides a structured approach to reviewing the security architecture of a multi-cloud SaaS company and finding its most critical components.

    • The challenge of prioritization
    • The Review Process
      • Phase 1: Cloud Providers
      • Phase 2: Workloads
      • Phase 3: Code
    • Let's put it all together
      • Useful summaries
      • Document as you go