| People | Local Reqs | Source Code | Integration | Deployment | Runtime | Hardware | DNS | Services | Cloud |
|---|---|---|---|---|---|---|---|---|---|
| Developers | IDE | Languages | SCM providers | Build solutions | Servers | Embedded PC | URL | SaaS solutions | CDN |
| QA team | SCV | Frameworks | Pull requests | Deployment platforms | Operating systems | PCB | hostname | Third party APIs | Cloud services |
| DevOps team | Local tests | Libraries | Secrets mgmt | Releases | Webservers | USB dongle | Payment gateways | ||
| Package Maintainers | Git repos | Package Managers | Git repos | Functional tests | Application servers | GPU/CPU | Identity Providers | ||
| Page Builders | Packages | Security tests | Web engines | Analytics | |||||
| Open source | API test frameworks | Databases | Proxies | ||||||
| Proprietary Code | Unit tests | ||||||||
| People | Local Reqs | Source Code | Integration | Deployment | Runtime | Hardware | DNS | Services | Cloud |
Cloud native resources refer to the tools, technologies, and infrastructure required to develop, deploy, and manage applications that are designed to run in a cloud environment. These resources typically include containerization platforms, orchestration frameworks, serverless computing, and other cloud-specific technologies.
- PaaS
- CDN
- Cloud hosting providers
- Cloud native resources
DynamoDB, Azure Functions, Microsoft Power Apps, Azure Cosmos, Azure Application Gateway, AWS Elastic Load Balancer, AWS Certificate Manager
- CloudOps team
- DevOps team
- Reference the shared responsibility model
- Many of the cloud services are publicly facing endpoints by default
- What permissions are the cloud services using?
- How many assets do you have in the cloud?
- Cloud Security Posture Mananagement
- Attack surface mapping