Required Advise for Cloud Security Assessment


HI there, is it good to find out these questions before conducting a IT security assessment on the cloud?

What is the type of cloud services that is required to be tested a. Infra as a Service – Amazon, Rackspace b. Software as a Service – component required to run the app is supplied, tenant will supply the app c. Platform as a Service – Salesforce, mailchimp 2. Is there root access provided for the IaaS? 3. Are you using an on-premise tools or a cloud based for VA? 4. Are you using the CSP provider for other purpose rather than hosting a website? (Containers, Kubernetes, Dockers) 5. For the API are you using different cloud service provider?

asked 2 years ago92 views
1 Answer

I am not sure exactly what your question is, but it appears you may be going through a CSA Star assessment. AWS goes through several security/compliance assessments each year ( including CSA Star ( Have a look at the links and if you can clarify your question I can try to be more specific.

answered 2 years ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions