Glossary

A

Amazon Simple Storage Service (Amazon S3)

Storage for the internet. You can use it to store and retrieve any amount of data at any time, from anywhere on the web.

C

Cloud Account

A cloud account refers to a single account with a cloud provider such as AWS or Azure. The Cloudnosys platform serves as a bridge that uses the provided cloud account to run security checks, and is available to all enterprises that want Cloudnosys as a security shield for their cloud infrastructure.

A formal relationship with Cloudnosys that is associated with all of the following:

– The owner email address and password

– The control of resources created under its umbrella

– Payment for the activities related to those resources

The cloud account has permission to do anything and everything with all the account resources. This is in contrast to a user, which is an entity contained within the account.

Cloud Provider

A company that provides cloud-based platform, infrastructure, application, or storage services to other organizations and/or individuals. Cloudnosys provides services for two major cloud providers: AWS and Azure.

Critical Risks

Critical Risk denotes the most severely affected security posture of resources.

G

Governance

Refers to the process of applying and managing certain principles or policies on cloud environments to ensure they maintain the requisite security standards. The main goal of cloud governance and compliance is to safeguard user interests and ensure cloud services are managed, distributed and delivered in the best way possible.

I

Inventory

Inventory gives users a snapshot of their inventory on the cloud infrastructure (services distributed in categories: Computing, Storage, Network and IAM).

R

Resource

An entity that users can work with in AWS, such as an EC2 instance, an Amazon DynamoDB table, an Amazon S3 bucket, an IAM user and an AWS OpsWorks stack.

Risks

A risk is a probability, threat or vulnerability that could negatively affect the confidentiality, privacy, reliability, and integrity of a provider’s services and can cause great damage to the user’s cloud environment. A cloud infrastructure contains sensitive and critical data, such as personal, government or business data; hence the risks include unauthorized access to customer and business data, denial of service, insecure APIs, compliance violations, etc.

Role ARN

Amazon Resource Name (ARN). A standardized way to refer to an AWS resource. For example: arn:aws:iam::123456789012:user/division_abc/subdivision_xyz/Bob.

Rule

A rule is a set of conditions. You add rules and set conditions on resources to decide whether to allow (pass) or block (fail) responses.

S

Single Sign On (SSO)

A cloud-based service that simplifies managing SSO access to AWS accounts and business applications. You can control SSO access and user permissions across all your AWS accounts in AWS Organizations.

Signatures

Refers to a digital signature, which is a mathematical way to confirm the authenticity of a digital message. AWS uses signatures to authenticate the requests you send to our web services.

Scan

A scan is a detection process that runs a security check on all resources of the selected cloud account according to certain criteria, and then categorizes them as pass or fail.

Suppression

When an alert is irrelevant, you can manually dismiss it.

Cloudnosys provides a Suppression feature that automatically dismisses similar alerts in the future. Suppression can be used to:

  • Suppress alerts that you’ve identified as false positives
  • Suppress alerts that are being triggered too often to be useful

Security Groups

A named set of allowed inbound network connections for an instance. (Security groups in Amazon VPC also include support for outbound connections.) Each security group consists of a list of protocols, ports, and IP address ranges. A security group can apply to multiple instances, and multiple groups can regulate a single instance. In Cloudnosys you have groups like Performance, IAM, Networking and others.

T

Tag

Metadata that you can define and assign to AWS resources, such as an EC2 instance. Not all AWS resources can be tagged.

U

User

A person or application under an organization that needs to make API calls to AWS products.

V

VPC

Virtual private cloud. An elastic network populated by infrastructure, platform, and application services that share common security and interconnection.