From the course: Cybersecurity with Cloud Computing
Join today to access over 25,500 courses taught by industry experts.
Threats to cloud deployments
From the course: Cybersecurity with Cloud Computing
Threats to cloud deployments
- [Instructor] Let's take a look at the key threats to cloud deployments. The Open Web Application Security Project, OWASP, is best known for its top 10 list of attacks on web applications. However, one of the more recent areas in which the OWASP folks provide guidance is cloud. Let's take a look at the Cloud-Native Application Security top 10 risks. These are known as CNAS-1 to CNAS-10 and include both cloud-specific and general threats, which include cloud systems. CNAS-1 covers a number of attacks relating to insecure configurations. These include containers running under the route account, storage buckets that are open to the public or to other cloud users, and shared resources allowing host interaction with the VM. Web applications in the cloud are just as vulnerable as those on-premise, and CNAS-2 is the class of application level injection floors, including SQL injections, and operating systems command injections. CNAS-3 covers improper authentication and authorization…
Practice while you learn with exercise files
Download the files the instructor uses to teach the course. Follow along and learn by watching, listening and practicing.
Download courses and learn on the go
Watch courses on your mobile device without an internet connection. Download courses using your iOS or Android LinkedIn Learning app.