« CI Sécurisation du Cloud/en » : différence entre les versions

De Wiki Campus Cyber
Aller à :navigation, rechercher
(Page créée avec « -Define the risks inherent in the cloud in all areas (risk of information leakage, intrusion, compliance, etc.). »)
Aucun résumé des modifications
 
(7 versions intermédiaires par 3 utilisateurs non affichées)
Ligne 3 : Ligne 3 :
|ShortDescription EN=Define the risks inherent in the cloud in all areas (risk of information leakage, intrusion, compliance, etc.).
|ShortDescription EN=Define the risks inherent in the cloud in all areas (risk of information leakage, intrusion, compliance, etc.).
|Tag=Cloud
|Tag=Cloud
|Status=En cours
}}
}}
== Description ==
== Description ==
Ligne 8 : Ligne 9 :
-Define the risks inherent in the cloud in all areas (risk of information leakage, intrusion, compliance, etc.).
-Define the risks inherent in the cloud in all areas (risk of information leakage, intrusion, compliance, etc.).


<div lang="fr" dir="ltr" class="mw-content-ltr">
-Prioritize risk coverage needs.
-Hiérarchiser les besoins en couverture de ces risques.
</div>


<div lang="fr" dir="ltr" class="mw-content-ltr">
-Define the major issues and challenges surrounding public and private cloud security. Focus on the specificities of the cloud (container security, use of CI/CD, use of CSPM/CNAPP/CIEM tools, secret management, partitioning & filtering, resilience, etc.).
-Définir les grands chantiers et enjeux autour de la sécurité du cloud public et privé. Focus sur les spécificités du cloud (sécurité des conteneurs, usage de la CI/CD, usage des outils de type CSPM/CNAPP/CIEM, Secret management, cloisonnement & filtrage, résilience,)
</div>


<div lang="fr" dir="ltr" class="mw-content-ltr">
-Share best practices and methods for the secure deployment of these new technologies (containers, CICD, CNAPP, etc.)
-Partager les bonnes pratiques et les méthodes de déploiement sécurisé de ces nouvelles technologies (conteneurs, CICD, CNAPP )
</div>


<div lang="fr" dir="ltr" class="mw-content-ltr">
-Share best practices for hosting applications with confidential data in clouds.
-Partager les bonnes pratiques pour héberger des applications avec des données confidentielles dans les clouds.
</div>


==Logbook==
===05.04===
The Cloud Security IC has completed its task of collecting topics and is working on the pre-configuration of working groups. 3 working groups will be prioritised and launched in May. Members are invited to position themselves on the working groups as contributors and coordinators.
===09.02.24===
Ideation work on subjects of interest and start of problematisation. The next session will be devoted to defining working groups based on the issues identified.
===12.01.24===
Kick off on January, 12th.
Round-table discussion, introductions, alignment of CI objectives and member expectations.
{{PageSubHeader Communauté d'intérêt}}
{{PageSubHeader Communauté d'intérêt}}

Dernière version du 17 avril 2024 à 10:05

Définir les risques inhérents au cloud sur l’ensemble des thématiques (risque de fuite d’information, intrusion, compliance …)

Catégorie : Communauté d'intérêt Mots clés : Cloud

Statut : En cours

Description

-Define the risks inherent in the cloud in all areas (risk of information leakage, intrusion, compliance, etc.).

-Prioritize risk coverage needs.

-Define the major issues and challenges surrounding public and private cloud security. Focus on the specificities of the cloud (container security, use of CI/CD, use of CSPM/CNAPP/CIEM tools, secret management, partitioning & filtering, resilience, etc.).

-Share best practices and methods for the secure deployment of these new technologies (containers, CICD, CNAPP, etc.)

-Share best practices for hosting applications with confidential data in clouds.

Logbook

05.04

The Cloud Security IC has completed its task of collecting topics and is working on the pre-configuration of working groups. 3 working groups will be prioritised and launched in May. Members are invited to position themselves on the working groups as contributors and coordinators.

09.02.24

Ideation work on subjects of interest and start of problematisation. The next session will be devoted to defining working groups based on the issues identified.

12.01.24

Kick off on January, 12th. Round-table discussion, introductions, alignment of CI objectives and member expectations.


Groupes de travail

 StatusDescription
GT Sécurisation du Cloud - Gouvernance des configurations dans le Cloud publicEn coursGroupe de travail dédié à la gouvernance des configurations dans le Cloud public
GT Sécurisation du Cloud - Sécurité de la donnéeEn coursGT dédié à la sécurisation et au chiffrement des données dans le Cloud : chiffrement at rest, en transit, in use, gestion des clés, des certificats, BYOK,HYOK & co, Confidential Computing