Cloud Security
Platform as a Service (PaaS)
Also known as: Cloud platform service
Definition
A cloud model in which the provider manages the runtime, middleware, OS, and infrastructure while the customer focuses on application code and data.
Examples
- An Azure App Service exposing a debugging endpoint that leaks environment variables.
- Heroku Postgres instance publicly accessible with weak authentication.
Related terms
Infrastructure as a Service (IaaS)
A cloud service model in which the provider delivers virtualized compute, storage, and networking, while the customer manages the OS, middleware, and applications on top.
Software as a Service (SaaS)
A cloud delivery model in which a vendor hosts and operates an application that customers access over the Internet on a subscription basis.
Function as a Service (FaaS)
Function as a Service (FaaS) — definition coming soon.
Shared Responsibility Model
A cloud security framework that splits security duties between the cloud provider (security of the cloud) and the customer (security in the cloud).
Cloud Security
The set of policies, controls, and technologies that protect data, applications, and infrastructure hosted in public, private, or hybrid cloud environments.
API Security
API Security — definition coming soon.