NSA Releases Guidance on Mitigating Cloud Vulnerabilities
The National Security Agency (NSA) has released an information sheet with guidance on mitigating cloud vulnerabilities. NSA identifies cloud security components and discusses threat actors, cloud vulnerabilities, and potential mitigation measures.
The document divides cloud vulnerabilities into four classes (misconfiguration, poor access control, shared tenancy vulnerabilities, and supply chain vulnerabilities) that encompass the vast majority of known vulnerabilities. Descriptions of each vulnerability class along with the most effective mitigations are provided to help organizations lock down their cloud resources.
Moreover, CISA encourages administrators and users to review the Guidance and CISA’s page on advanced persistent threats targeting IT service provider customers (‘the Page’), and its analysis report on Microsoft Office 365 and other cloud security observations (‘the Report’) for information on implementing a defense-in-depth strategy to protect infrastructure assets.
Reference:
Contact Us
Learn more about what Techcess CyberSecurity Group can do for your business.
1-833-TXCYBER
1-833-892-9237
Techcess CyberSecurity Group
6110 Clarkson Lane
Houston, Texas 77055
Techcess CyberSecurity Group
Houston, Texas 77055