Home

Awesome

<h1 align="center">Cloud Security Guides</h1> <p align="center">

Cloud Security Guides 是由腾讯安全云鼎实验室维护的一个云计算安全知识库项目,用来收集云安全研究期间发现的优秀资源、文献、典型云安全漏洞以及知识图谱等,并以云参考模型架构为依托,将云上安全资源进行分类编排,为云上安全能力建设工作提供一份参考指南。Cloud Security Guides中提供的云鼎实验室云安全全景图&攻防矩阵,是由云鼎实验室根据云安全研究所总结的云上知识图谱以及云产品攻防抽象模型,可以指导云上安全工作开展,并为云产品安全能力建设提供帮助。

Cloud Security Guides is a cloud computing security knowledge base project maintained by Tencent Security Cloud YUNDING LAB. It is used to collect excellent resources, literature, typical cloud security vulnerabilities and knowledge graphs discovered during cloud security research, and is based on the cloud reference model architecture As a basis, the security resources on the cloud are classified and arranged to provide a reference guide for the construction of security capabilities on the cloud. The cloud security panorama & attack-defense matrix of YUNDING LAB provided in Cloud Security Guides is a cloud knowledge graph and an abstract model of cloud product attack and defense summarized by YUNDING LAB based on the Cloud Security Research Institute, which can guide the development of security work on the cloud. And provide help for cloud product security capacity building.

1 Cloud Computing Reference Architecture :books:

2 Cloud Security Guidance:books:

2.1 Compliances

2.2 Standards and Benchmarks

2.3 Threat Modeling

2.4 Top Cloud Security Risks

2.5 Security Practices

3 Cloud Security Report:books:

4 Cloud Management Panel :books:

4.1 API

4.2 IAM

4.3 Security Service

4.4 Log and Audit

5 Cloud Service Panel:books:

5.1 Iaas

5.1.1 Compute

5.1.2 Storage

5.1.3 Network

5.2 Paas

5.3 Saas

6 Cloud Infrastructure Panel:books:

6.1 Docker&Kubernetes

7 CSP Security:books:

7.1 AWS

7.2 Azure

7.3 GCP

7.4 Others

8 Tools :hammer_and_wrench:

8.1 Infrastructure Tools

8.2 Container Tools

8.3 SaaS Tools

8.4 Penetration Testing Tools

9 CSP Cloud Vulnerability :books:

10 ATT&CK

11 云鼎实验室云安全全景图&攻防矩阵

云原生安全全景图

云安全攻防矩阵