Cloud security

From Wiki Campus Cyber
This page is a translated version of the page CI Sécurisation du Cloud and the translation is 100% complete.

Define the risks inherent in the cloud in all areas (risk of information leakage, intrusion, compliance, etc.).

Category: Communities of Interest Tags: Cloud

Statut : En cours

Description

-Define the risks inherent in the cloud in all areas (risk of information leakage, intrusion, compliance, etc.).

-Prioritize risk coverage needs.

-Define the major issues and challenges surrounding public and private cloud security. Focus on the specificities of the cloud (container security, use of CI/CD, use of CSPM/CNAPP/CIEM tools, secret management, partitioning & filtering, resilience, etc.).

-Share best practices and methods for the secure deployment of these new technologies (containers, CICD, CNAPP, etc.)

-Share best practices for hosting applications with confidential data in clouds.

Logbook

05.04

The Cloud Security IC has completed its task of collecting topics and is working on the pre-configuration of working groups. 3 working groups will be prioritised and launched in May. Members are invited to position themselves on the working groups as contributors and coordinators.

09.02.24

Ideation work on subjects of interest and start of problematisation. The next session will be devoted to defining working groups based on the issues identified.

12.01.24

Kick off on January, 12th. Round-table discussion, introductions, alignment of CI objectives and member expectations.


Working Groups

 StatusDescription
WG Cloud Security - Control TowerEn coursWorking group dedicated to implementing cloud control towers: tools (CSPM, CIEM, CWPP, CASB, CNAPP), governance, controls, industrialization, automation, etc.
WG Cloud Security - Data SecurityEn coursGT dedicated to securing and encrypting data in the cloud: encryption at rest, in transit, in use, key and certificate management, BYOK,HYOK & co, Confidential Computing