8
Cloud Native Goals
The adoption and innovation involving containers and microservices architectures have
brought with it its fair share of challenges. The need to mitigate cybersecurity vulnerabilities
has systematically climbed the priority ladder in modern organizations. As innovation
around cloud adoption accelerates, the threat landscape also increases. Security leaders
are tasked with protecting assets, both human
4
and non-human, by adopting practices to
prevent, detect, and respond to cyber threats while meeting strict compliance requirements.
A common historical narrative has been that security implementations impede the speed and
agility of DevOps teams. Therefore, security leadership must implement tighter integration and
bidirectional understanding to empower DevOps teams to create shared cyber risk ownership.
Secure cloud native adoption patterns and architectures that the organizations need to
adopt must be shared to ensure that the industry is enforcing security practices with high
priority and integrating it throughout the modern application development lifecycle. Most
importantly, highlighting the synergies of security architecture with the security leaders and
aligning organization’s objectives towards security in terms of Vulnerability Management,
Zero Trust, Cloud Security, and DevSecOps should be a top priority.
The concepts described throughout this paper are not designed to favor one service or
component product over another and can be applied regardless of service selection.
This document does not intend to provide general education on security concepts or cloud
computing concepts. It also does not recommend specific technologies or tools; however, it
may cite examples of technology or tools that address the topic discussed.
Beyond the recommendations in this document, specific data security handling practices
related to data protection and privacy regulatory mandates, e.g. GDPR, PCI DSS, may
need additional regulatory-specific consideration. We recommend readers consult
appropriate independent resources for guidance on any such technical controls and
compliance risk matters.
Assumptions
The CNCF defines cloud native within the CNCF Technical Oversight Committee’s (TOC) GitHub
repository. This paper does not seek to change this definition or expand upon it.
As cloud native adoption and modern software development methodologies continue to evolve,
the technologies that comprise an effective cloud native stack will continue to shift over time.
Representations of this shifting stack are included in the all encompassing cloud native landscape.
The term ‘workloads’ within this document covers any products, projects, applications, and
systems that have or will be developed, maintained, distributed, or deployed to a cloud-based
runtime environment.
3
Human capital is a vital asset necessary to the success of any organization, the corresponding intellectual property and relational
capital brought as a result is equally in need of protection.
剩余43页未读,继续阅读
芯光未来
- 粉丝: 2076
- 资源: 19
我的内容管理
展开
最新资源
- 计算机人脸表情动画技术发展综述
- 关系数据库的关键字搜索技术综述:模型、架构与未来趋势
- 迭代自适应逆滤波在语音情感识别中的应用
- 概念知识树在旅游领域智能分析中的应用
- 构建is-a层次与OWL本体集成:理论与算法
- 基于语义元的相似度计算方法研究:改进与有效性验证
- 网格梯度多密度聚类算法:去噪与高效聚类
- 网格服务工作流动态调度算法PGSWA研究
- 突发事件连锁反应网络模型与应急预警分析
- BA网络上的病毒营销与网站推广仿真研究
- 离散HSMM故障预测模型:有效提升系统状态预测
- 煤矿安全评价:信息融合与可拓理论的应用
- 多维度Petri网工作流模型MD_WFN:统一建模与应用研究
- 面向过程追踪的知识安全描述方法
- 基于收益的软件过程资源调度优化策略
- 多核环境下基于数据流Java的Web服务器优化实现提升性能
资源上传下载、课程学习等过程中有任何疑问或建议,欢迎提出宝贵意见哦~我们会及时处理!
点击此处反馈
