Cloud Security Dictionary

This guide explains key terms used in cloud security and the Cyscale Cloud Platform.

Core Concepts

Alerts

Security notifications triggered when:

  • Resources fail security checks
  • Misconfigurations are detected
  • Compliance violations occur
  • Security thresholds are exceeded

In Cyscale, alerts are generated when assets fail to meet specific security controls.

Assets

Any cloud resource in your infrastructure, such as:

  • Compute instances (EC2, Azure VMs)
  • Storage volumes
  • Network interfaces
  • Identity resources (users, roles)
  • Database instances

Asset Components

Cloud resources often consist of multiple assets. For example, an AWS EC2 instance includes:

  • The compute instance itself
  • Attached EBS volumes
  • Network interfaces (ENIs)
  • Security groups
  • Elastic IP addresses (if assigned)

Connectors

Integration points that link Cyscale to your:

  • Cloud provider accounts
    • AWS accounts
    • Azure subscriptions
    • Google Cloud projects
    • Alibaba Cloud accounts
  • Identity providers
    • Okta organizations
    • Azure Active Directory
    • Google Workspace

Controls

Security rules that verify specific requirements:

  • Based on industry standards (like ISO 27001)
  • Define specific checks (e.g., "Ensure S3 bucket MFA Delete is enabled")
  • Include:
    • Detailed descriptions
    • Remediation steps
    • Severity ratings (Low/Medium/High)
    • Implementation guidance

CSPM

Cloud Security Posture Management:

  • Gartner-defined security category
  • Focuses on cloud misconfigurations
  • Ensures compliance with security standards
  • Works across multiple cloud providers
  • Example: Identifying publicly accessible storage buckets

Exemptions

Rule exceptions that:

  • Exclude specific assets from specific controls
  • Mark excluded assets as compliant
  • Help manage false positives
  • Support legitimate business cases

Policies

Security governance documents that:

  • Define security requirements
  • Map to specific controls
  • Include implementation procedures
  • Support compliance frameworks

Procedures

Implementation guidelines that:

  • Group related controls
  • Provide step-by-step instructions
  • Define how to meet policy requirements
  • Include detailed documentation

Sync

The data synchronization process that:

  • Updates Cyscale's asset inventory
  • Reflects current cloud configurations
  • Triggers security assessments
  • Maintains accurate compliance status

Learn more about Syncs in Getting Started