Explore commonly used Cloud Data Security terms.
Software as a Service (SaaS) is a cloud computing model in which a third-party provider delivers software over the internet on a subscription basis
Security Orchestration, Automation, and Response (SOAR) products are tools that help organizations automate and streamline their incident response processes.
Understanding your organization’s security posture helps you get a clear picture of how secure your business is when facing cyber threats from internal and external sources.
A Security Operation Center (SOC) is a dedicated team or department within an organization that is responsible for monitoring and managing the organization's security posture.
SIEM products are tools that help organizations monitor and analyze their security posture in real-time.
SaaS Security Posture Management (SSPM) are automated security tools that allow for constant monitoring of cloud-based SaaS applications. These tools identify misconfigurations, excessive user permissions, and unnecessary user accounts, helping IT and security teams to ensure compliance with internal policies and external regulations.
Private cloud is a type of cloud computing that delivers services, such as storage, computing, and networking, over the internet, but in a way that is dedicated to a single organization.
Platform as a Service (PaaS) is a cloud computing model in which a third-party provider delivers a platform for developing, deploying, and managing applications over the internet.
Microsoft Sentinel is a powerful security platform that helps organizations detect and respond to threats in real-time.
Microsoft Defender for Cloud is a powerful security tool that helps organizations protect their cloud environments against a wide range of threats.
Kubernetes is an open-source container orchestration system for automating the deployment, scaling, and management of containerized applications
Microsoft Azure Bastion is a service that allows you to securely and seamlessly connect to your Azure virtual machines (VMs) over Remote Desktop Protocol (RDP) and Secure Shell (SSH)
Infrastructure as a Service (IaaS) is a cloud computing model in which a third-party provider delivers infrastructure services, such as computing, networking, storage, and more, over the internet.
Homomorphic encryption is an encryption technique that allows users to perform mathematical operations on encrypted data, without accessing the encryption key.
GCP is a powerful and flexible cloud computing platform that provides businesses with the tools and infrastructure they need to build, deploy, and scale applications and websites quickly and easily.
Google Secret Manager is a secure, scalable, and easy-to-use secrets management service provided by Google Cloud Platform
DynamoDB is a powerful and flexible NoSQL database service that is well-suited for a wide range of applications
Data Security Compliance is a process that defines protocols, procedures and policies to ensure that sensitive data is protected
Data Loss Prevention (DLP) refers to tools which prevent employees or users from sending sensitive or confidential data outside the company’s network. DLP solutions let network administrators control the information that users can transfer.
Data engineering is the practice of designing, building, and maintaining the infrastructure and processes needed to store, transform, and analyze data.
The Data Encryption Standard (DES) is a symmetric-key block cipher algorithm that was first published by the National Institute of Standards and Technology (NIST) in 1977.
Cloud vulnerabilities refer to weaknesses or gaps in the security of cloud computing systems that could potentially be exploited
Cloud Security Posture Management (CSPM) refers to security tools that are used to detect misconfiguration and compliance issues in cloud infrastructures. The primary use of CSPM solutions is to constantly monitor cloud infrastructure for any gaps in security measures or compliance issues.
Cache poisoning is a type of attack in which an attacker is able to inject malicious data into a cache, often a DNS cache.
Azure Blob Storage is a powerful and scalable solution for storing and managing large amounts of unstructured data in the cloud.
Azure Key Vault is a security service offered by Microsoft Azure. It is designed to help customers securely store and manage their cryptographic keys, secrets, and certificates
Azure AD is a powerful tool for managing user identities, access to resources, and security for applications and services within an organization
AWS Storage Gateway is a powerful and convenient service for storing and retrieving data from on-premises storage systems using the AWS Cloud.
AWS Shield is a security service offered by Amazon Web Services (AWS). It is designed to help customers protect their applications from common network and application-level attacks.
AWS Security Hub is a security management service offered by Amazon Web Services (AWS)
AWS Organizations is a feature of the Amazon Web Services (AWS) platform that allows you to centralize billing, account management, and access control for multiple AWS accounts.
AWS Network Firewall is a managed network security service that provides inbound and outbound traffic filtering for Amazon Virtual Private Clouds (VPCs)
Amazon Web Services (AWS) Lambda is a serverless compute service that runs your code in response to events and automatically manages the underlying compute resources for you
AWS IAM is an essential tool for any organization using the AWS platform, enabling users to securely access and manage resources
AWS Elastic Disaster Recovery is a disaster recovery solution offered by Amazon Web Services (AWS) that protects applications and data from outages and disruptions
AWS Firewall Manager is a security service offered by Amazon Web Services (AWS). It is designed to help customers manage and enforce network security policies across their AWS accounts.
AWS Elastic Beanstalk is a fully-managed service offered by Amazon Web Services (AWS) that makes it easy to deploy and run web applications and services.
AWS CloudHSM is a security service offered by Amazon Web Services (AWS). It provides customers with a hardware security module (HSM) in the cloud, which they can use to store and manage their cryptographic keys.
Amazon Config is a useful tool for managing the configurations of your AWS resources and ensuring that they are compliant with your policies and regulatory requirements.
Amazon Web Services (AWS) Certificate Manager (ACM) is a service that lets you easily provision, manage, and deploy Secure Sockets Layer/Transport Layer Security (SSL/TLS) certificates for use with AWS services.
AWS Backup is a fully-managed service offered by Amazon Web Services (AWS) that enables you to automate the process of backing up your data.
Amazon Lightsail is a flexible and cost-effective solution for businesses and developers who need a simple and reliable way to set up and manage VPS instances in the cloud.
AWS Audit Manager is a powerful and convenient service for automating the process of conducting audits and assessments of your AWS resources.
AWS WAF is an essential tool for helping to secure your web applications and protect them from common threats.
Amazon Timestream is a powerful and flexible tool for managing and analyzing time series data at scale.
Route 53 Resolver DNS Firewall is a valuable service for organization looking to protect their Amazon VPC resources from DNS-based attacks
S3 is a cloud storage service provided by AWS that allows businesses and organizations to store and manage data in the cloud.
Amazon Neptune is a powerful and flexible graph database service that is well-suited for a wide range of applications that require fast, scalable, and reliable storage and querying of connected data.
EC2 is a powerful and flexible cloud computing service that allows businesses and organizations to rent virtual computers to run applications and handle workloads
Amazon EFS is a useful service for storing and accessing large amounts of data in the cloud. It is particularly well-suited for applications that require scalable file storage, high availability, and easy integration with Amazon EC2.
Amazon Inspector is a security assessment service offered by Amazon Web Services (AWS). It is designed to help customers identify and address vulnerabilities in their Amazon Elastic Compute Cloud
AWS Keyspaces is a cloud-based database service that is designed to be scalable, fast, and highly available.
Access controls determine who can access data, apps, systems and digital resources – and in what circumstances they can do so.
Amazon Detective is a security service offered by Amazon Web Services (AWS). It uses machine learning and graph theory to help customers investigate and identify the root cause of security issues
AES is a highly secure and efficient encryption algorithm that is widely used to protect data.
Aurora is a fully-managed, cloud-based relational database service provided by Amazon Web Services (AWS).
An access control list (ACL) is a list of permissions that are associated with a specific file or resource on a computer system or network.