Required Advise for Cloud Security Assessment
HI there, is it good to find out these questions before conducting a IT security assessment on the cloud?
What is the type of cloud services that is required to be tested a. Infra as a Service – Amazon, Rackspace b. Software as a Service – component required to run the app is supplied, tenant will supply the app c. Platform as a Service – Salesforce, mailchimp 2. Is there root access provided for the IaaS? 3. Are you using an on-premise tools or a cloud based for VA? 4. Are you using the CSP provider for other purpose rather than hosting a website? (Containers, Kubernetes, Dockers) 5. For the API are you using different cloud service provider?
I am not sure exactly what your question is, but it appears you may be going through a CSA Star assessment. AWS goes through several security/compliance assessments each year (https://aws.amazon.com/compliance/services-in-scope/) including CSA Star (https://aws.amazon.com/compliance/iso-certified/). Have a look at the links and if you can clarify your question I can try to be more specific.
Managed Blockchain and Cloud Storageasked 2 months ago
Assessment Questionaire for AWS workloads moving to AWS - Amazon Managed Servicesasked 5 months ago
Is there a way to generate the network diagram to increase the visibility
Implement Security on the Web Application Without Touching the Web Application
Security Hub and Cloudwatch EventsAccepted Answerasked 3 years ago
Required Advise for Cloud Security Assessmentasked 5 months ago
DeepLens - How to fix "The security token included in the request is invalid"?asked 2 months ago
Why VPN is not in the HIPAA compliant services while Transit Gateway is?Accepted Answerasked 2 years ago
Can I set a security group for each workspace that is launched?asked 3 months ago
Is there an ip-block for whitelisting?asked a year ago