This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Difference between revisions of "Cloud-10 Guidelines"

From OWASP
Jump to: navigation, search
(Target Providers)
Line 36: Line 36:
  
 
== Target Providers ==
 
== Target Providers ==
1. Savvis -  
+
# Savvis - Shankar
2. Amazon EC2
+
# Amazon EC2 - Vinay
3. Google Apps
+
# Google Apps - Pankaj

Revision as of 14:10, 1 November 2011


Guideline Document

1. Development / Environment Setting

a) Developer Access

  1. Jump Server
    1. Multi factor Autch
    2. VPN/Cert based Authc

2. Architecture

  1. Tiering
  2. Communicaiton
    1. between zones
    2. within tiers
    3. ACLs
  3. AuthC/Identity
  4. Encryption
  5. WAF

3. Deployment and Testing

  1. Hardening

4. Operations

  1. Patching


Use Cases

  1. Deploying Third Party
  2. Building Your Own Application


Target Providers

  1. Savvis - Shankar
  2. Amazon EC2 - Vinay
  3. Google Apps - Pankaj
Retrieved from "https://wiki.owasp.org/index.php?title=Cloud-10_Guidelines&oldid=119729"