Cloud Security Posture Management
Gartner, the IT research and advisory firm that coined the term, describes CSPM as a new category of security products that can help automate security and provide compliance assurance in the cloud. CSPM tools work by examining and comparing a cloud environment against a defined set of best practices and known security risks. Some CSPM tools will alert the cloud customer when there is a need to remediate a security risk, while other more sophisticated CSPM tools will use robotic process automation (RPA) to remediate issues automatically.
Cloud Workload Protection is the process of keeping workloads that move across different cloud environments secure. The entire workload must be functional for a cloud-based application to work properly without introducing any security risks. Seeing what is happening in individual workloads and being able to configure those workloads to manage vulnerabilities is an important aspect of workload protection. By monitoring workload behavior, a CWPP can detect an intrusion anywhere that it is happening and send out an alert.
Cloud network security is a foundational layer of cloud security and is vital to protecting the data, applications, and IT resources deployed within enterprise cloud environments as well as the traffic flowing between cloud deployments and the enterprise’s intranet and on-prem data centers.
Cloud Identity is an Identity as a Service (IDaaS) and enterprise mobility management (EMM) product. It offers the identity services and endpoint administration. As an administrator, you can use Cloud Identity to manage your users, apps, and devices from a central console.
Code Security on Cloud enables you to add security checks to your existing IaC (Infrastructure-as-Code) model, ensuring security throughout the build lifecycle. The Code Security capabilities include creating custom build policies, integrating a wide variety of code repositories and continuous integration and continuous delivery (CI/CD) workflows to secure cloud infrastructure, and applications.
A Cloud API is a software interface that allows developers to link cloud computing services together. Application programming interfaces (APIs) allow one computer program to make its data and functionality available for other programs to use. Like web apps and all the other endpoints out there, APIs can’t protect the data on their own—they must be protected by layers of security.
Zero Trust is a security framework requiring all users, whether in or outside the organization’s network, to be authenticated, authorized, and continuously validated for security configuration and posture before being granted or keeping access to applications and data.
Single sign-on (SSO) is a technology which combines several different application login screens into one. With SSO, a user only has to enter their login credentials (username, password, etc.) one time on a single page to access all of their SaaS applications.
Multi-factor authentication is a layered approach to securing data and applications where a system requires a user to present a combination of two or more credentials to verify a user’s identity for login.