CloudSec Academy

Welcome to CloudSec Academy, your guide to navigating the alphabet soup of cloud security acronyms and industry jargon. Cut through the noise with clear, concise, and expertly crafted content covering fundamentals to best practices.

What is Data Flow Mapping?

In this article, we’ll take a closer look at everything you need to know about data flow mapping: its huge benefits, how to create one, and best practices, and we’ll also provide sample templates using real-life examples.

What are Data Security Controls?

Wiz Experts Team

Data security controls are security policies, technologies, and procedures that protect data from unauthorized access, alteration, or loss

Sensitive Data Discovery

Wiz Experts Team

In this post, we’ll find out why the sensitive data discovery process is so important—along with some of the main challenges. We’ll see how companies tackle the daunting task of classifying their data.

Identity Security [Cloud Edition]

Wiz Experts Team

Cloud identity security is the practice of safeguarding digital identities and the sensitive cloud infrastructure and data they gatekeep from unauthorized access and misuse.

What is Cloud Data Security? Risks and Best Practices

Wiz Experts Team

Cloud data security is the comprehensive strategy of preventing data loss or leakage in the cloud from security threats like unauthorized access, data breaches, and insider threats.

Effective Permissions: A Security Review

Wiz Experts Team

In this article, we will explore the challenges of managing permissions, the risks associated with improper access controls, and how major cloud providers handle permissions. We’ll also take a look at best practices and advanced solutions like cloud infrastructure entitlement management (CIEM).

What is Cloud Risk Management?

Wiz Experts Team

In this article, we’ll explore what cloud risk management entails and take an in-depth look at the tools that can keep your systems safe.

Data Security Compliance Explained

Data security compliance is a critical aspect of data governance that involves adhering to the security-centric rules and regulations set forth by supervisory and regulatory bodies, including federal agencies.

Data Leakage: Risks, Causes, & Prevention

Data leakage is the unchecked exfiltration of organizational data to a third party. It occurs through various means such as misconfigured databases, poorly protected network servers, phishing attacks, or even careless data handling.

Vulnerability Prioritization in the Cloud: Strategies + Steps

Vulnerability prioritization is the practice of assessing and ranking identified security vulnerabilities based on critical factors such as severity, potential impact, exploitability, and business context. This ranking helps security experts and executives avoid alert fatigue to focus remediation efforts on the most critical vulnerabilities.

Top 9 OSS CSPM Tools

Wiz Experts Team

In this article, we’ll explore the top 9 OSS CSPM tools available today, each with its unique capabilities and benefits for helping organizations identify cloud misconfigurations, prevent security breaches, and ensure compliance with industry standards.

Database Security Explained

Database security is the process of identifying, assessing, and mitigating risks that can compromise the confidentiality, integrity, and availability of data.

The Vulnerability Management Lifecycle in 6 Stages

Wiz Experts Team

The vulnerability management lifecycle consists of six key stages: identification and assessment, prioritization, remediation and mitigation, verification and validation, reporting, and monitoring and improvement.

What is a Vulnerability Management Program?

Wiz Experts Team

A vulnerability management program is a structured, continuous approach to identifying, evaluating, and mitigating security weaknesses across an organization's IT ecosystem.

What is Cloud Network Security?

Wiz Experts Team

Cloud network security is a combination of tools, processes, and policies that protect your cloud environments.

What is Cloud Visibility? + Best Practices

Wiz Experts Team

As cloud adoption grows, the only way to mitigate risks and access the full spectrum of cloud capabilities is to prioritize visibility. Read on to learn more about cloud visibility—and how to achieve it.

What are CIS benchmarks?

Wiz Experts Team

CIS benchmarks are publicly available security roadmaps offering core recommendations to guide organizations on hardening their IT systems against cyber threats.

Azure Security Risks & Mitigation Steps

Wiz Experts Team

This article offers an extensive examination of Azure environments’ most pressing security risks along with suggested approaches for effectively mitigating these challenges.

Cloud Sprawl Explained

Wiz Experts Team

Cloud sprawl is a phenomenon that involves the unmanaged growth of cloud-based resources and services.

CSPM vs DSPM: Why You Need Both

Wiz Experts Team

Discover the similarities between CSPM and DSPM, what factors set them apart, and which one is the best choice for your organization’s needs.

Cloud Migration Security Explained

Cloud migration security is a facet of cybersecurity that protects organizations from security risks during a transition to cloud environments from legacy infrastructure, like on-premises data centers.

Native Azure Security Tools

Wiz Experts Team

This blog explores the significance of security in Azure environments and provides an overview of native as well as third-party security tools available to improve an organization’s Azure security stance.

CSPM vs. SSPM

Wiz Experts Team

This post discusses CSPM and SSPM in depth to reveal their respective use cases. You'll also learn how CSPM and SSPM complement each other to strengthen your overall security posture.

AWS Security Risks

Wiz Experts Team

This article examines common AWS security challenges, including identity and access control gaps, data exposure risks, and monitoring blind spots.

CIEM vs. IAM

Wiz Experts Team

In this article, we'll compare CIEM and IAM to explain how these crucial techniques help reduce your attack surface.

Shadow Data

Wiz Experts Team

Shadow data is any data that is created, stored, or shared outside of an organization's formal IT environment and management policies.

Understanding the Shared Responsibility Model

Wiz Experts Team

The shared responsibility model is a framework establishing cloud security responsibilities between cloud service providers (AWS, GCP, Azure) and customers.

Serverless Security Explained

Wiz Experts Team

Serverless security is the extra layer of protection designed for applications built on a serverless architecture. In this type of cloud computing, you write the code (functions) but the cloud provider handles the servers. This creates a different security approach.

Cloud Security Strategy

Wiz Experts Team

A cloud security strategy is the combination of the measures, tools, policies, and procedures used to secure cloud data, applications, and infrastructure.

What is CSPM?

Cloud Security Posture Management (CSPM) describes the process of continuously detecting and remediating risks in cloud environments and services (e.g. S3 buckets w/ public read access). CSPM tools automatically evaluate cloud configurations against industry best practices, regulatory requirements, and security policies to ensure that cloud environments are secure and properly managed.

Risk-Based Vulnerability Management

Wiz Experts Team

Risk-based vulnerability management is a vulnerability management approach that prioritizes vulnerabilities that pose the greatest risk to an organization.

What is Cloud Encryption?

Cloud encryption is the process of transforming data into a secure format that's unreadable to anyone who doesn't have the key to decode it.

CIEM vs CSPM: Why You Need Both

Wiz Experts Team

CSPM focuses on securing cloud infrastructure by identifying and remediating misconfigurations, while CIEM centers on managing and securing user identities and access permissions within cloud environments, addressing threats related to unauthorized access and entitlements.

What is Data Security Posture Management (DSPM)?

Wiz Experts Team

Data security posture management (DSPM) is a solution designed to continuously monitor an organization's data security policies and procedures to detect vulnerabilities and potential risks.

CNAPP vs CSPM

Wiz Experts Team

Learn where CNAPP and CSPM overlap, where they differ, and which one is right for your organization.

IAM Security Explained

IAM security consists of policies and technologies designed to ensure that only authorized individuals gain access to the relevant resources within an organization.

Enterprise Cloud Security 101

Wiz Experts Team

Enterprise cloud security is the comprehensive set of practices, policies, and controls used by organizations to protect their data, applications, and infrastructure in the cloud.

CSPM vs CWPP

Wiz Experts Team

Learn where CSPM and CWPP overlap, where they differ, and which one is right for your organization.

Cloud Management 101

Wiz Experts Team

Cloud management refers to the monitoring, maintenance, and operation of data, apps, and infrastructure hosted on the cloud.

Cloud Governance

Wiz Experts Team

Cloud governance entails the policies, processes, and controls an organization puts in place to ensure the effective and secure management of its cloud resources and services.

What is an Attack Surface?

Wiz Experts Team

An attack surface is refers to all the potential entry points an attacker could exploit to gain unauthorized access to a system, network, or data.

Cloud Security Architecture

Wiz Experts Team

Cloud security architecture is a broad set of principles designed to guide the implementation of security controls, practices, and solutions within a cloud computing environment.

Security Posture Explained

Wiz Experts Team

Security posture is the overall defensive strength of an enterprise’s IT infrastructure, which comprises hardware, software, practices, policies, and personnel.

Types of Cloud Security Tools

Wiz Experts Team

Explore the security roles your tools should cover, then outline the key tool types to help you build your security workflows.

Essential Cloud Security Controls

Wiz Experts Team

Learn to navigate the complexities of cloud security, including the knowledge and tools required to build a robust and proactive defense against ever-evolving cyber threats.

Cloud Native Security

Wiz Experts Team

Cloud native security refers to the practices, tools, and policies that protect cloud native applications and infrastructures.

Cloud Vulnerability Management

Wiz Experts Team

Cloud vulnerability management is the continuous process of identifying, classifying, prioritizing, and remediating security vulnerabilities in your cloud environment.

Azure Security vs. AWS Security: A Comparative Analysis

Wiz Experts Team

To help you make an informed decision, we've crafted a comprehensive comparison of AWS and Azure security, empowering you to select the cloud provider that seamlessly integrates with your unique needs.

Hybrid Cloud Security Explained

Wiz Experts Team

Hybrid cloud security is a combination of strategies, technologies, and teams working in unison to secure an organization’s hybrid cloud environment.

Public Cloud Security Explained

Wiz Experts Team

Public cloud security describes establishing cybersecurity measures to secure public cloud environments accessible to multiple users or organizations.

Private Cloud Security Explained

Wiz Experts Team

Private cloud security is a term that describes the tools and techniques used to secure private cloud environments.

Essential Azure Security Best Practices

Wiz Experts Team

Between its reliability and its robust scalability, Azure has become an integral part of many organizations' cloud architecture. Learn how to secure your Azure deployment with these 5 essential best practices.

Patch Management Explained

Wiz Experts Team

Patch management is the process of planning, testing, and applying updates to software systems and applications to address vulnerabilities, fix bugs, and improve overall system performance.

AWS Security Best Practices

Wiz Experts Team

10 essential AWS security best practices every organization should start with

What is cloud security?

Wiz Experts Team

Cloud security refers to a set of policies, controls, procedures, and technologies that work together to protect cloud-based systems, data, and infrastructure.

The CSPM Solutions Landscape 2024

Wiz Experts Team

A walk through of what the cloud security posture management (CSPM) landscape will look like this year.

8 All-Too-Common Cloud Vulnerabilities

Wiz Experts Team

We outline the most common cloud vulnerabilities with real-life examples of attacks that exploited these vulnerabilities, and simple steps you can take to mitigate them.

Top Native AWS Security Tools

Wiz Experts Team

11 native tools for IAM, data protection, network and application protection, compliance management, and threat detection

What is Vulnerability Management?

Wiz Experts Team

Vulnerability management involves continuously identifying, managing, and remediating vulnerabilities in IT environments, and is an integral part of any security program.