Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
JoshuaGabriel
Newcomer III
‎09-04-2023 08:03 PM
‎09-04-2023 08:03 PM

Cloud security and asset inventory

Hi,

 

Please I have the following concerns:

 

1. Are there tools you would recommend for comprehensive cloud assets inventory?

2. Is there any recommended platform to run scans on cloud assets?

3. How do you perform secure configuration reviews in the cloud?

4. Is there a way to assess the security risk of AI integrations?

Reply
3 Replies
Caute_cautim
Community Champion
‎09-05-2023 04:59 PM
‎09-05-2023 04:59 PM

@JoshuaGabriel 

 

Question 1:   Try this for starters:

 

https://www.zluri.com/blog/cloud-asset-management-software/

 

Do your own assessment

 

Question 2:  There are many many vendors:

 

https://www.coresecurity.com/blog/top-14-vulnerability-scanners-cybersecurity-professionals

 

ServiceNow can do this as well

 

Question three:  Manually using the SP800-R53 V5 or trust the Cloud Providers, SOC 1 and SOC 2 reports or run your own independent Cloud Security Protection Management system - there are many vendors.   Ask yourself how often you need to run the scans?  When changes occur?  Quarterly?  Bi-annually?

 

Question four:  https://owasp.org/www-project-ai-security-and-privacy-guide/

 

https://www.fairinstitute.org/blog/fair-cyber-risk-analysis-ai-insider-threat-chatgpt

 

Hope this assists your thinking?

 

Regards

 

Caute_Cautim

 

 

 

 

Reply
gregbowers
Newcomer I
‎09-09-2023 01:59 PM
‎09-09-2023 01:59 PM

Hello

 

It's great that you're concerned about cloud security and asset inventory. Here are some recommendations and insights for your concerns:

 

1. Cloud Assets Inventory:

  • AWS: Use AWS Config.
  • Azure: Try Azure Resource Graph.
  • Google Cloud: Utilize Cloud Asset Inventory.

2. Scans on Cloud Assets:

  • AWS: AWS Inspector.
  • Azure: Azure Security Center.
  • Google Cloud: Security Command Center.

3. Secure Configuration Reviews:

  • Use Cloud Security Posture Management (CSPM) tools or Infrastructure as Code (IaC) with Terraform/AWS CloudFormation.

4. Security Risk of AI Integrations:

  • Conduct threat modeling.
  • Implement secure development practices.
  • Consider AI-specific security tools like IBM Watson OpenScale or Azure Machine Learning security features.
 
 
 
Reply
marcoperson250
Newcomer I
‎12-28-2023 07:44 AM
‎12-28-2023 07:44 AM

These are two tools for cloud security and asset inventory Azure Policy and Azure environments.

Reply