Cloud Infrastructure and Services
Cloud Solution Concepts
Vendors and Open Source Tooling
AWS Key Services
Darktrace/Cloud Key Concepts
100

A paid service model that allows users to
conduct work via an application that is accessible over the internet.

SaaS

100

A solution that identifies and prevents accidental or
malicious exposure, sharing and loss of sensitive data.

Data Loss Prevention (DLP)

100

The industry’s largest provider of scalable cloud
computing services and infrastructure to build, run and manage applications on.

Amazon Web Services (AWS)

100

Monitors applications and infrastructure in AWS
for signs of risk or disruption.

AWS CloudWatch

100

This relates to a variety of RESPOND containment
actions which can occur automatically in cloud environments. An example may be the
targeted isolation of an EC2 instance.

Cloud Autonomous Response

200

An individual user or role with a corresponding set of permissions,
authentication procedures and controls. The purpose of this is to understand
‘who’ a user is and what they should be allowed to do in a cloud network.

Identity

200

Located between on-prem deployments and
cloud environments, this enforces security policies such as authentication, credential
encryption and incoming malware detection.

Cloud Access Security Brokers (CASB)

200

Google’s answer to cloud application and infrastructure
services. The final ‘big three’ cloud vendor.

Google Cloud Platform (GCP)

200

This is a serverless computing service that runs application code. An
example of its use may be building or calling an API.

AWS Lambda

200

Within the Darktrace/Cloud context, this refers to
the steps attackers are most likely to exploit to cause the most damage in the cloud.

Attack Path Discovery/Modeling

300

Created using software on one physical device, in order
to emulate the functionality of another separate physical device. This means developers
can run multiple operating systems/functions at the same time from one server.

A Virtual Machine

300

A cloud security tool used to identify
potential misconfigurations and compliance threats to your cloud environments.

Cloud Security Posture Management (CSPM)

300

An open-source platform designed for automating,
deploying, scaling, and managing containerized applications.

Kubernetes

300

This is a threat detection service that monitors AWS identities
and workloads for potential malicious activity.

Amazon GuardDuty

300

These are diagrams showing an enumeration of all cloud
assets and identities. They are categorized with context of their purpose and the
relationships between them.

Modeled Architectures

400

A broader networking concept that encourages engineers to split their
networks into multiple smaller and more manageable networks with their own controls.

Segmentation

400

Policies or solution features
ensuring that only the right people can access a business’ data, resources and services.

Identity Access Management

400

Another popular public cloud with a range of database solutions,
applications and infrastructure services. Customers of this company are particularly prominent in
the USA.

Oracle

400

The web service used to deploy virtual
machines in AWS. A singular component of this represents a server running different applications
and functions for your business.

Amazon Elastic Compute Cloud (EC2)

400

These are live alerts related to potential vulnerabilities and
weaknesses within the cloud environment. This could be a container with exposed ports
ready to be scanned.

Misconfiguration Alert

500

A virtual package of software that only simulates the operating system
rather than the hardware associated with it. These are designed to be scalable and
perform their set function regardless of the device they are running on.

Container

500

A newer term referring to
solutions that include a unified approach to cloud security. These tools include a variety
of posture management, workload visibility and detection features.

Cloud Native Application Protection Platform (CNAPP)

500

A platform that can be used to automate the creation of containers
in on-prem, private clouds and public clouds such as AWS.

Docker

500

An API service centered around compliance, governance and user
risk.

Amazon CloudTrail

500

This tells users the proportional computing spend of resources and
workloads within a particular modeled architecture.

Cost Discovery