1. Uphold the Cloud Shared Responsibility Model
2. Use Secure Cloud Identity and Access Management Practices
3. Use Secure Cloud Key Management Practices
4. Implement Network Segmentation and Encryption in Cloud Environments
5. Secure Data in the Cloud
6. Defending Continuous Integration/Continuous Delivery (CI/CD) Environments
7. Enforce Secure Automated Deployment Practices through Infrastructure as Code
8. Account for Complexities Introduced by Hybrid Cloud and Multi-Cloud Environments
9. Mitigate Risks from Managed Service Providers in Cloud Environments
10. Manage Cloud Logs for Effective Threat Hunting

Download (0.4 MB)