| CPC H04L 63/1425 (2013.01) [H04L 63/105 (2013.01); H04L 63/1433 (2013.01)] | 14 Claims |
|
1. A method for providing secure use of a cloud technology within a cloud infrastructure, the method comprising:
securing a root account by establishing governance processes of a cloud configuration to facilitate introduction of new cloud environments that are compliant with a framework of the cloud infrastructure;
enabling audit logging to generate logs of the cloud configuration comprising determining audit and compliance requirements for logging, and monitoring for cloud management plane, application program interfaces, and services logging;
enabling threat monitoring and cloud security posture management by procuring and implementing compliance product of the cloud configuration,
wherein the threat monitoring comprises:
mapping violations, notifications, alarms, severity levels to a virtual machine global information security standards framework;
automatically onboarding and off-boarding accounts to products that are compliant to the cloud configuration;
determining operating model and supporting processes for compliance to the cloud configuration;
monitoring the compliance to detect when it is disabled or modified; and
routing the logs of the cloud configuration to a managed security service provider.
|