CompTIA® Security+ Exam Notes : Summarize Cloud And Virtualization Concepts

3. Architecture and Design

3.5 Summarize cloud and virtualization concepts

Cloud Deployment Models:

IaaS: In the Infrastructure as a Service (IaaS) model, the consumer can "provision" and is able to "deploy and run," but they still do not "manage or control" the underlying cloud infrastructure.

PaaS: In the Platform as a Service (PaaS) model, the consumer has the ability to create applications and host them.

SaaS: In the Software as a Service (SaaS) model, the consumer has the ability to use applications provided by the cloud provider over the Internet.

SECaaS: Security as a Service (SECaaS) offers a way for enterprises to access security services that are robust, scalable and cost effective. SECaaS is a subscription-based business model intended to be more cost effective than what individuals or smaller corporations can provide on their own.

Different cloud models are explained below:

Private cloud: The cloud infrastructure is operated solely for an organization. It may be managed by the organization or a third party and may exist on premise or off premise.

Community cloud: The cloud infrastructure is shared by several organizations and supports a specific community that has shared concerns (e.g. mission, security requirements, policy, and compliance considerations). It may be managed by the organizations or a third party and may exist on premise or off premise.

Public cloud: The cloud infrastructure is made available to the general public or a large industry group and is owned by an organization selling cloud services.

Hybrid cloud: The cloud infrastructure is a composition of two or more clouds (private, community, or public) that remain unique entities but that are bound together by standardized or proprietary technology enabling data and application portability.

SOAR: SOAR stands for Security Orchestration, Automation, and Response. The term is used to describe three software capabilities: threat and vulnerability management, security incident response, and security operations automation. SOAR allows companies to collect threat-related data from a range of sources and automate responses to the most commonly encountered threats.

Managed service provider (MSP)/managed security service provider (MSSP): A managed service provider (MSP) is a company that remotely manages a customer's IT infrastructure. A managed security service provider (MSSP) does the same for security services, acting as a third party that manages them. A third-party service is usually expensive and suitable for medium and large companies.

Anything as a service (XaaS): XaaS describes a wide array of services that can be delivered to users from the cloud. It recognizes the vast number of products, tools, and technologies that are now delivered to users as a service over the internet.

Common Vulnerability Scoring System (CVSS): It is an open framework for communicating the characteristics and severity of software vulnerabilities. It does not include an incident response system.

Remote-Access Trojan (RAT): A set of malware designed to exploit a system by providing remote access. It is a malware program that includes a back door for administrative control over the target computer. RATs usually accompany a known user-requested program such as a game, or are sent as an email attachment, without the user's knowledge.


Virtualization sprawl: Virtualization sprawl is a phenomenon that occurs when the number of virtual machines (VMs) on a network reaches a point where the administrator can no longer manage them effectively. Virtualization sprawl may also be referred to as virtual machine sprawl, VM sprawl or virtual server sprawl.

How to prevent virtualization sprawl:

Audit VMs: It may seem like a simple solution, but make it a policy that every VM and virtual server must be documented and registered.

Optimize storage and implement data policies: To prevent the usage of unnecessary disk and storage space, use technologies like snapshots and thin provisioning.

Implement lifecycle management tools: To keep track of all virtual machines, as well as virtual servers, it's a good idea to use a lifecycle management tool. With such a tool, it's possible to provide virtual machines only for the users of one specific project or track all objects within a centralized database. When a project is finished, it's far easier to identify unneeded or unused VMs for secure erasure.

Implement VM archiving: Many users create virtual machines just for one project, use them a couple of times, and then leave them untouched for months. Instead of keeping these VMs inside the production environment, they should be archived. Many backup solutions provide the possibility to archive unused VMs on cheaper storage or tape.
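
The audit, lifecycle and archiving steps above can be combined into one reconciliation pass. The following is an added example, not part of the original notes: it compares what the hypervisor reports against the VM register and sorts each VM into a follow-up action. The field names, the sample data and the 90-day idle threshold are assumptions made for illustration.

```python
from datetime import date

# Constructed sample data: what the hypervisor reports versus the VM register.
INVENTORY = [
    {"name": "web-01", "last_used": date(2024, 5, 28)},
    {"name": "poc-db", "last_used": date(2024, 1, 10)},
    {"name": "test-tmp", "last_used": date(2024, 5, 30)},
    {"name": "build-07", "last_used": date(2023, 11, 2)},
]
REGISTRY = {
    "web-01": {"owner": "alice", "project": "shop", "project_closed": False},
    "poc-db": {"owner": "bob", "project": "poc", "project_closed": False},
    "build-07": {"owner": "carol", "project": "ci-migration", "project_closed": True},
    "old-mail": {"owner": "dave", "project": "mail", "project_closed": False},
}
TODAY = date(2024, 6, 1)  # constructed audit date
IDLE_DAYS = 90            # assumed policy threshold, not from the notes


def audit_vms(inventory, registry, today, idle_days=IDLE_DAYS):
    """Sort VMs into follow-up actions: register, erase, archive, or fix the register."""
    report = {"unregistered": [], "erase": [], "archive": [], "missing": []}
    seen = set()
    for vm in inventory:
        name = vm["name"]
        seen.add(name)
        entry = registry.get(name)
        if entry is None:
            report["unregistered"].append(name)  # running but never documented
        elif entry["project_closed"]:
            report["erase"].append(name)         # project finished: secure erasure
        elif (today - vm["last_used"]).days > idle_days:
            report["archive"].append(name)       # idle: move to cheaper storage
    # Registered VMs the hypervisor no longer reports: stale register entries.
    report["missing"] = sorted(set(registry) - seen)
    return report


if __name__ == "__main__":
    for finding, names in audit_vms(INVENTORY, REGISTRY, TODAY).items():
        print(f"{finding}: {', '.join(names) or '-'}")
```
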

Sandboxing: Sandboxing involves running applications in restricted memory areas. It limits the possibility that an application crash allows a user to access another application or the data associated with it.

Patch Management: Patch management ensures that systems and applications stay up to date with current patches.

Physical security controls: A physical security control is something you can physically touch, such as a hardware lock, a fence, an identification badge, and a security camera.


Virtualization enables virtual servers to be installed instead of physical servers, thus reducing the cost of ownership.


A failover cluster is a group of servers that work together to maintain high availability of applications and services. Obviously, it increases the cost.


Archiving is the process of taking backups, and it does not help in making services available.
