To effectively navigate Cloudnosys documentation and understand cloud security concepts, it’s important to familiarize yourself with key terms commonly used in cloud security and the platform itself.
Core Security Concepts
IAM (Identity and Access Management)
A framework for managing identities—such as users, groups, and roles—and their access to cloud resources. It ensures that only authorized entities can interact with your cloud infrastructure.
Key Components:
- Users: Individual accounts with specific permissions
- Groups: Collections of users with shared permissions
- Roles: Sets of permissions that can be assigned to users or services
- Policies: Rules that define what actions are allowed or denied
CloudTrail
An AWS service that records and logs all API calls made within an account, providing detailed audit trails for security monitoring and compliance purposes. CloudTrail helps track user activity and detect potential security issues.
Benefits:
- Audit Trail: Complete record of API calls and user activities
- Compliance: Helps meet regulatory compliance requirements
- Security Monitoring: Detects unauthorized access and suspicious activities
- Forensics: Provides data for security incident investigation
Vulnerability
A weakness in your cloud environment that could be exploited by attackers, such as an exposed port, weak password policies, or an unencrypted database.
Types of Vulnerabilities:
- Configuration Vulnerabilities: Misconfigured security settings
- Software Vulnerabilities: Known security flaws in software
- Network Vulnerabilities: Exposed services or weak network security
- Access Vulnerabilities: Overly permissive access controls
Compliance Drift
When your cloud resources deviate from required configurations or security standards over time, often due to unnoticed changes or misconfigurations. Compliance drift can increase the risk of security incidents.
Common Causes:
- Configuration Changes: Unauthorized or undocumented changes
- Policy Updates: Changes to security policies without proper review
- Resource Modifications: Changes to cloud resources without security validation
- Access Changes: Modifications to user permissions without proper oversight
Attack Path
A sequence of events or vulnerabilities that an attacker could exploit to escalate privileges or access sensitive resources, moving laterally across your environment.
Attack Path Components:
- Initial Access: How an attacker gains initial access
- Privilege Escalation: How they gain higher privileges
- Lateral Movement: How they move through your environment
- Data Exfiltration: How they access and steal sensitive data
Inventory
A comprehensive list of all the resources monitored across your connected cloud accounts. This includes instances, storage, networks, and IAM roles, providing visibility into your entire cloud infrastructure.
Inventory Components:
- Resource Types: EC2 instances, S3 buckets, IAM roles, etc.
- Resource Details: Configuration, status, and metadata
- Relationships: How resources are connected and dependent
- Security Status: Current security posture of each resource
Findings
These represent the detailed, authoritative view of the security status of your cloud resources. Findings highlight specific risks, misconfigurations, or vulnerabilities and provide detailed information for remediation.
Finding Types:
- Critical: Immediate security risks requiring urgent attention
- High: Significant security issues that should be addressed quickly
- Medium: Security issues that should be addressed in a reasonable timeframe
- Low: Minor security issues or recommendations for improvement
Issues
A higher-level, summarized view of findings grouped into broader security categories. Issues help you track and prioritize groups of findings for easier management. You can open a specific finding for detailed analysis and action.
Issue Categories:
- Access Control: Issues related to user permissions and access
- Network Security: Issues with network configuration and security
- Data Protection: Issues with data encryption and protection
- Compliance: Issues related to regulatory compliance
Inventory Topology
An interactive visualization of your cloud resources and their relationships, with integrated attack path analysis. This feature helps you see how your resources are connected and understand potential attack paths for security insights.
Topology Features:
- Visual Representation: Graphical view of your cloud infrastructure
- Relationship Mapping: Shows how resources are connected
- Attack Path Analysis: Identifies potential attack vectors
- Security Insights: Highlights security risks and vulnerabilities
Signatures
A library of predefined security checks mapped to compliance frameworks such as CIS, ISO, and SOC 2. These checks assess your cloud resources for security best practices and compliance requirements. You can filter the checks by provider, severity, or category to tailor the analysis to your needs.
Signature Categories:
- CIS Benchmarks: Security benchmarks from the Center for Internet Security
- ISO Standards: International Organization for Standardization requirements
- SOC 2: Service Organization Control 2 compliance requirements
- Custom Signatures: Organization-specific security requirements
Cloud Provider Terms
AWS Terms
EC2 (Elastic Compute Cloud)
A web service that provides resizable compute capacity in the cloud. EC2 instances are virtual servers that can be used to run applications.
S3 (Simple Storage Service)
An object storage service that offers industry-leading scalability, data availability, security, and performance.
IAM Roles
An IAM identity that you can create in your AWS account that has specific permissions.
VPC (Virtual Private Cloud)
A virtual network dedicated to your AWS account, logically isolated from other virtual networks in the AWS Cloud.
GCP Terms
Compute Engine
Google’s Infrastructure-as-a-Service (IaaS) offering that provides virtual machines running in Google’s data centers.
Cloud Storage
Google’s object storage service for storing and retrieving data in the cloud.
Service Accounts
Special Google accounts that belong to your application or a virtual machine (VM) instance, not to a user.
VPC Networks
Virtual networks that provide connectivity for your Compute Engine VM instances.
Security Frameworks
CIS (Center for Internet Security)
A nonprofit organization that provides cybersecurity best practices and controls to help organizations improve their security posture.
ISO 27001
An international standard for information security management systems (ISMS) that provides a framework for managing information security risks.
SOC 2
A compliance framework developed by the American Institute of CPAs (AICPA) that defines criteria for managing customer data based on five trust service principles.
NIST
The National Institute of Standards and Technology provides cybersecurity frameworks and guidelines for organizations to improve their security posture.
Monitoring and Alerting
Real-time Monitoring
Continuous monitoring of cloud resources for security threats and anomalies, providing immediate alerts when issues are detected.
Compliance Monitoring
Ongoing monitoring of cloud resources to ensure they meet regulatory and industry compliance requirements.
Threat Detection
The process of identifying potential security threats and attacks in your cloud environment.
Incident Response
The process of responding to security incidents, including detection, analysis, containment, and recovery.
Data Protection
Encryption
The process of converting data into a secure format that can only be read by authorized parties with the appropriate decryption key.
Data Classification
The process of categorizing data based on its sensitivity and importance to determine appropriate security controls.
Access Controls
Mechanisms that restrict access to resources based on user identity and permissions.
Audit Logging
The process of recording and monitoring system activities to detect security violations and ensure compliance.
Understanding These Terms
Why Terminology Matters
Understanding these terms is crucial for:
- Effective Communication: Clear communication with your team and stakeholders
- Security Implementation: Proper implementation of security controls
- Compliance: Meeting regulatory and industry requirements
- Risk Management: Identifying and mitigating security risks
Learning Resources
- Documentation: Refer to Cloudnosys documentation for detailed explanations
- Training: Attend Cloudnosys training sessions for hands-on learning
- Community: Join the Cloudnosys community for peer learning
- Support: Contact support for clarification on specific terms
Conclusion
Understanding these key terms will help you navigate Cloudnosys more effectively and make informed decisions about your cloud security posture. As you work with the platform, you’ll become more familiar with these concepts and how they apply to your specific environment.