This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "Cloud-10 Guidelines"
From OWASP
Vinaykbansal (talk | contribs) (Created page with "1. Development / Environment Setting a) Developer Access 2. Architecture #Tiering #Communicaiton between zones 3. Deployment and Testing 4. Operations") |
Vinaykbansal (talk | contribs) |
||
| Line 2: | Line 2: | ||
a) Developer Access | a) Developer Access | ||
| − | + | #Jump Server | |
| + | ##Multi factor Autch | ||
| + | ##VPN/Cert based Authc | ||
2. Architecture | 2. Architecture | ||
#Tiering | #Tiering | ||
| − | #Communicaiton between zones | + | #Communicaiton |
| + | ##between zones | ||
| + | ##within tiers | ||
| + | ##ACLs | ||
| + | #AuthC/Identity | ||
| + | #Encryption | ||
| + | #WAF | ||
3. Deployment and Testing | 3. Deployment and Testing | ||
| − | + | #Hardening | |
4. Operations | 4. Operations | ||
| + | #Patching | ||
Revision as of 14:02, 1 November 2011
1. Development / Environment Setting
a) Developer Access
- Jump Server
- Multi factor Autch
- VPN/Cert based Authc
2. Architecture
- Tiering
- Communicaiton
- between zones
- within tiers
- ACLs
- AuthC/Identity
- Encryption
- WAF
3. Deployment and Testing
- Hardening
4. Operations
- Patching
