Cloud Security terms
25 terms
Cloud Security
The set of policies, controls, and technologies that protect data, applications, and infrastructure hosted in public, private, or hybrid cloud environments.
Shared Responsibility Model
A cloud security framework that splits security duties between the cloud provider (security of the cloud) and the customer (security in the cloud).
CSPM (Cloud Security Posture Management)
A category of tools that continuously assess cloud accounts against best-practice and compliance baselines to detect and remediate misconfigurations.
CWPP (Cloud Workload Protection Platform)
A platform that protects cloud workloads — virtual machines, containers, and serverless functions — across their entire lifecycle, from build to runtime.
CASB (Cloud Access Security Broker)
A policy enforcement point that sits between users and cloud/SaaS applications to enforce visibility, data protection, and threat controls.
CNAPP (Cloud-Native Application Protection Platform)
An integrated security platform that combines CSPM, CWPP, CIEM, IaC scanning, and runtime detection to protect cloud-native applications from build to runtime.
CIEM (Cloud Infrastructure Entitlement Management)
A discipline and tooling category that discovers, analyzes, and right-sizes the identities and permissions that exist inside cloud environments.
SSPM (SaaS Security Posture Management)
A tooling category that continuously monitors SaaS application configurations, identities, and integrations to detect misconfigurations and risky behaviour.
Container Security
The practice of securing container images, registries, orchestrators, and the runtime in which containers execute.
Kubernetes Security
The protection of a Kubernetes cluster — its API server, control plane, nodes, workloads, and network — from misconfiguration, compromise, and lateral movement.
Serverless Security
The practice of securing event-driven, function-based workloads such as AWS Lambda, Azure Functions, and Google Cloud Functions, where the underlying servers are managed by the provider.
Infrastructure as a Service (IaaS)
A cloud service model in which the provider delivers virtualized compute, storage, and networking, while the customer manages the OS, middleware, and applications on top.
Platform as a Service (PaaS)
A cloud model in which the provider manages the runtime, middleware, OS, and infrastructure while the customer focuses on application code and data.
Software as a Service (SaaS)
A cloud delivery model in which a vendor hosts and operates an application that customers access over the Internet on a subscription basis.
Function as a Service (FaaS)
Function as a Service (FaaS) — definition coming soon.
Cloud Encryption
Cloud Encryption — definition coming soon.
Bring Your Own Key (BYOK)
Bring Your Own Key (BYOK) — definition coming soon.
Hold Your Own Key (HYOK)
Hold Your Own Key (HYOK) — definition coming soon.
Confidential Computing
Confidential Computing — definition coming soon.
Secure Enclave
Secure Enclave — definition coming soon.
Trusted Execution Environment (TEE)
Trusted Execution Environment (TEE) — definition coming soon.
Tenant Isolation
Tenant Isolation — definition coming soon.
Cloud Misconfiguration
Cloud Misconfiguration — definition coming soon.
S3 Bucket Misconfiguration
S3 Bucket Misconfiguration — definition coming soon.
IAM Misconfiguration
IAM Misconfiguration — definition coming soon.