It’s easy to get overwhelmed with the number of cloud security resources available. How do you know which sources to trust? Which ones should inform your security strategies? Which reports will actually improve your cloud security posture?

Let’s first look at six cloud security guides that you should be using. These resources provide action items that you can take back to your team and use immediately. Each of these guides are from trusted industry experts and cover the most important elements of cloud security like IAM, hardening, encryption, physical security, the shared responsibility model and much more!

Industry-Accepted Cloud Security Guides

  1. CIS Benchmarks

The Center for Internet Security is the best starting point for building, implementing and maintaining a cloud security strategy. They’ve published benchmarks for AWS, GCP, Azure and more! Download your choice of benchmarks now. To dive deeper, check out the CIS Controls Cloud Companion Guide.

  1. CSA Cloud Controls Matrix

The Cloud Security Alliance recently released v4 of its Cloud Control Matrix, which outlines about 200 controls organized into 17 domains. This cybersecurity framework aims to simplify cloud security controls and make compliance more attainable. Download the latest version now.

  1. NIST SP 800-144, Guidelines on Security and Privacy in Public Cloud Computing

NIST has numerous resources in the SP 800 series that apply to cloud security, ranging from access control guidance to VM configurations to storage infrastructure guidelines. NIST SP 800-144 will give you a good baseline of the NIST standards for cloud security. Download the publication now.

  1. SANS Practical Guide to Security in the AWS Cloud

SANS recently released this book in collaboration with AWS Marketplace. If you’re looking for a deep dive on AWS, this extensive guide is the resource for you. Download the guide now.

  1. Google Cloud Security Foundations Blueprint Guide

Build a secure foundation (Read more...)