Cloud Security Strategies
A collection of articles providing actionable advice for anyone looking to establish a cloud security program aimed at protecting cloud native offerings.
For a summarised view of the full list of controls/questions/advice contained in the articles, you can refer to the companion micro-website: https://roadmap.cloudsecdocs.com/
This is the high-level outline of the different sections:
Some actionable advice that can be undertaken to establish a cloud security program aimed at protecting a cloud native, service provider agnostic, container-based, offering.
- The Goal: a Roadmap for Cloud Security Teams
- The North Star
- Identify
- Protect
- Detect
- Respond
- Recover
- Building the Roadmap
- Domains
- Controls
- Maturity Level 1 - The foundations
- Maturity Level 2
- Maturity Level 3
- Maturity Level 4
- Maturity Level 5
- Tasks
- Putting all Together: The Roadmap
A comprehensive guide that provides a structured approach to reviewing the security architecture of a multi-cloud SaaS company and finding its most critical components.
- The challenge of prioritization
- The Review Process
- Phase 1: Cloud Providers
- Phase 2: Workloads
- Phase 3: Code
- Let's put it all together
- Useful summaries
- Document as you go
