Cloud security posture management: tools and techniques
DOI:
https://doi.org/10.60087/jklst.vol2.n3.p622Abstract
Cloud Security Posture Management (CSPM) is a critical approach to maintaining a secure cloud infrastructure by continuously assessing and improving cloud security configurations. With the rapid growth of cloud adoption across various industries, the need for proactive security measures has become paramount to protect against data breaches, misconfigurations, and compliance violations. CSPM tools and techniques enable organizations to identify security risks, monitor compliance with industry standards, and automate responses to vulnerabilities. This paper explores the evolving landscape of CSPM, highlighting essential tools and techniques used to safeguard cloud environments. Key tools discussed include cloud-native security services, third-party CSPM solutions, and artificial intelligence-driven automation. Techniques covered include continuous monitoring, threat detection, and compliance management. The paper aims to provide a comprehensive overview of CSPM's role in enhancing cloud security and guiding organizations toward adopting robust practices for a secure cloud posture.
Downloads
References
Behl, A. (2011). Emerging security challenges in cloud computing: An insight to cloud security challenges and their mitigation. World Congress on Information and Communication Technologies, 217-222.
Chandra, S., Varde, A. S., & Wang, J. (2018). A Hive and SQL case study in cloud data analytics. IEEE UEMCON, 112-118.
Dong, B., Varde, A., Li, D., Samanthula, B., Sun, W., & Zhao, L. (2019). Cyber intrusion detection by using deep neural networks with attack-sharing loss. IEEE DataCom. arXiv preprint arXiv:2103.09713.
Enriquez, R. L. (2021). Cloud security posture management (CSPM) in Azure. Theseus. https://www.theseus.fi/handle/10024/504136
Guffey, J., & Li, Y. (2023). Cloud service misconfigurations: Emerging threats, enterprise data breaches & solutions. IEEE CCWC, 806-812.
Johnson, R. E. (2010). Cloud computing security challenges and methods to remotely augment a cloud's security posture. International Conference on Information Society, 179-181.
Kalvakurthi, V., Varde, A., & Jenq, J. (2023). Hey Dona! Can you help me with student course registration? AAAI 2023 Conference, Workshop on AI for Education. https://doi.org/10.48550/arXiv.2303.13548
Khasuntsev, N. A. (2022). Automatic detection of misconfigurations of AWS Identity and Access Management Policies. University of Twente, NL.
Radakovic, D., Singh, A., Varde, A., & Lal, P. (2022). Enriching smart cities by optimizing electric vehicle ride-sharing through game theory. IEEE ICTAI, 755-759. https://doi.org/10.1109/ICTAI56018.2022.00116
Sari, A. (2015). A review of anomaly detection systems in cloud networks and survey of cloud security measures in cloud storage applications. Journal of Information Security, 6(2), 15-28. https://doi.org/10.4236/jis.2015.62015
Sanders, M., & Yue, C. (2019). Mining least privilege attribute-based access control policies. ACM 35th Annual Computer Security Applications Conference (ACSAC), 404-416.
Varghese, C., Pathak, D., & Varde, A. S. (2020). SeVa: A food donation app for smart living. IEEE CCWC Conference, 408-413.
Varde, A., Robila, S., & Weinstein, M. (2011). Energy: Green data centers for sustainability. White Paper by NIST-TIP: National Institute of Standards and Technology - Technology Innovations Program. https://www.researchgate.net/publication/268208144
Zhang, X., Wuwong, N., Li, H., & Zhang, X. (2010). Information security risk management framework for the cloud computing environments. IEEE International Conference on Computer and Information Technology, 1328-1334.
Zhao, Zion3R. (2021). OpenCSPM - Open Cloud Security Posture Management Engine. KitPloit. https://www.kitploit.com/2021/02/opencspm-open-cloud-security-posture.html
Xiao, Y., Jia, Y., Liu, C., Cheng, X., Yu, J., & Lv, W. (2019). Edge computing security: State of the art and challenges. Proceedings of IEEE, 107(8), 1608-1631. https://doi.org/10.1109/JPROC.2019.2918437
Downloads
Published
Issue
Section
License
Copyright (c) 2023 Journal of Knowledge Learning and Science Technology ISSN: 2959-6386 (online)
This work is licensed under a Creative Commons Attribution 4.0 International License.
©2024 All rights reserved by the respective authors and JKLST.