Cloud Top Ten Risks

After completing the course, the student should be able to do the following: ● Associate lists of OWASP Top Ten Risks with major cloud cybersecurity risks. ● Apply appropriate cryptographic techniques to secure authentication mechanisms and cloud data. ● Identify the most effective strategies for resisting injection attacks, cross-site scripting attacks, and object deserialization attacks. ● Assess strategies to address risks posed by administrative failures, including misconfiguration, broken access control, vulnerable software components, and security monitoring.

• Overview of the Top Ten Risks
• Introduce the Top Ten Cloud Risks and their relationship to published OWASP Top Ten risk lists. Examine the highest-priority risk: injection attacks.
• Cloud Risks 2, 3, and 4
• This module reviews risks arising from authentication failures, sensitive data exposure, and availability risks (e.g. flooding).
• Cloud Risks 5, 6, and 7
• This module reviews risks arising from access control failures, security misconfiguration, and cross-site scripting.
• Cloud Risks 8, 9, and 10
• This module reviews risks arising from insecure deserialization, flawed software components, and inadequate logging or monitoring.