Cloud Infrastructure and Services
Cloud Solution Concepts
Vendors and Open Source Tooling
AWS Key Services
Darktrace/Cloud Key Concepts
100

a paid service model that allows users to
conduct work via an application that is accessible over the internet.

SaaS

100

A solution that identities and prevents accidental or
malicious exposure, sharing and loss of sensitive data.

Data Loss Prevention (DLP)

100

The industry’s largest provider of scalable cloud
computing services and infrastructure to build, run and manage applications on.

Amazon Web Services (AWS)

100

monitors applications and infrastructure in AWS
for signs of risk or disruption

AWS Cloudwatch

100

This relates to a variety of RESPOND containment
actions which can occur automatically in cloud environments. An example may be the
targeted isolation of an EC2 instance

Cloud Autonomous Response

200

An individual user or role with a corresponding set of permissions,
authentication procedures and controls. The purpose of this is to understand
‘who’ a user is and what they should be allowed to do in a cloud network.

Identity

200

Located between on-prem deployments and
cloud environments, this enforce security policies such as authentication, credential
encryption and incoming malware detection.

Cloud Access Security Brokers (CASB)

200

Google’s answer to cloud application and infrastructure
services. The final ‘big three’ cloud vendor.

Google Cloud Platform (GPC)

200

This is a serverless computing service that runs application code. An
example of its use may be building or calling an API.

AWS Lambda

200

Within the Darktrace/Cloud context, this refers to
the steps attackers are most likely to exploit, to cause the most damage in the cloud

Attack path Discovery/Modeling

300

created using software on one physical device, in order
to emulate the functionality of another separate physical device. This means developers
can run multiple operating systems/functions at the same time from one server.

a Virtual Machine
300

A cloud security tool used to identify
potential misconfigurations and compliance threats to your cloud environments.

Cloud Security Posture Management (CSPM)

300

an open-source platform designed for automating,
deploying, scaling, and managing containerized applications

Kubernetes

300

This is a threat detection service that monitors AWS identities
and workloads for potential malicious activity

Amazon Guard Duty

300

These are diagrams showing an enumeration of all cloud
assets and identities. They are categorized with context of their purpose and the
relationships between them.

Modeled Architectures

400

A broader networking concept that encourages engineers to split their
networks into multiple smaller and more manageable networks with their own controls

Segmentation


400

Policies or solution features
ensuring that only the right people can access a business’ data, resources and services.

Identity Access Management

400

another popular public cloud with a range of database solutions,
applications and infrastructure services. customers of this company are particularly prominent in
the USA

Oracle

400

 the web service used to deploy virtual
machines in AWS. A singular component of this represents a server running different applications
and functions for your business.

Amazon Elastic Compute Cloud (EC2)

400

These are live alerts related to potential vulnerabilities and
weaknesses within the cloud environment. This could be a container with exposed ports
ready to be scanned

Misconfiguration Alert

500

A virtual package of software that only simulates the operating system
rather than the hardware associated with it. These are designed to be scalable and
perform their set function regardless of the device they are running on.

Container

500

A newer term referring to
solutions that include a unified approach to cloud security. These tools include a variety
of posture management, workload visibility and detection features.

Cloud Native Application Protection Platform (CNAPP)

500

a platform that can be used to automate the creation of containers
in on-prem, private clouds and public clouds such as AWS.

Docker

500

An API service centered around compliance, governance and user
risk.

Amazon Cloudtrail

500

This tells users the proportional computing spend of resources and
workloads within a particular modeled architecture.

Cost Discovery

M
e
n
u