Explore commonly used Cloud Data Security terms.
Get to know AWS Audit Manager, an AWS service for continuous audit and compliance, offering automated evidence collection and custom framework support.
Amazon Web Services (AWS) Certificate Manager (ACM) is a service that lets you easily provision, manage, and deploy Secure Sockets Layer/Transport Layer Security (SSL/TLS) certificates for use with AWS services.
AWS CloudHSM offers secure, hardware-based key storage and management in the cloud. Discover how CloudHSM provides enhanced security.
AWS Elastic Beanstalk is a fully-managed service offered by Amazon Web Services (AWS) that makes it easy to deploy and run web applications and services.
AWS Firewall Manager is a security service offered by Amazon Web Services. It is designed to help customers manage and enforce network security policies.
AWS IAM, or Amazon Web Services Identity and Access Management, ensures secure resource access and management within the AWS platform. Read more.
Understand AWS Lambda basics, offering serverless execution, event-driven architecture, scalability, and efficient cloud computing solutions.
AWS Network Firewall is a managed network security service that provides inbound and outbound traffic filtering for Amazon Virtual Private Clouds (VPCs).
AWS Organizations is a feature of the Amazon Web Services (AWS) platform that allows you to centralize billing, account management, and access control for multiple AWS accounts.
AWS PCA is a managed service for creating and managing private certificate authorities, facilitating the issuance and management of digital certificates in AWS.
AWS RAM (Resource Access Manager) is a service that allows secure sharing of AWS resources across multiple AWS accounts without the need for duplication or complex permission management.
AWS Security Hub is a security management service offered by Amazon Web Services (AWS)
Amazon Web Services (AWS) offers AWS Shield as a security service for safeguarding resources. Find out more.
AWS Storage Gateway is a powerful and convenient service for storing and retrieving data from on-premises storage systems using the AWS Cloud.
Access controls determine who can access data, apps, systems and digital resources – and in what circumstances they can do so.
An access control list (ACL) is a list of permissions that are associated with a specific file or resource on a computer system or network.
AES is a highly secure and efficient encryption algorithm that is widely used to protect data.
Advanced Persistent Threat (APT) is a sophisticated and prolonged cyber attack conducted by skilled adversaries with significant resources, involving stealthy tactics to gain unauthorized access and extract valuable information or control over compromised systems.
Amazon Athena is a serverless query service in AWS that enables easy analysis of data stored in Amazon S3 using standard SQL queries without the need for infrastructure management.
Aurora is a fully-managed, cloud-based relational database service provided by Amazon Web Services (AWS).
Learn how Amazon CloudWatch enhances AWS monitoring. Discover its capabilities to track metrics, monitor logs, set alarms, and more.
Amazon Cognito is a powerful tool for managing user identities, access controls, and permissions for applications and resources
Amazon Config is the ultimate tool for real-time monitoring and compliance tracking. Discover how it empowers seamless governance.
Amazon Detective is a security service offered by Amazon Web Services (AWS). It uses machine learning and graph theory to help customers investigate and identify the root cause of security issues
Amazon Elastic Block Store (EBS) is a block-level storage service for Amazon EC2 instances, offering durable and reliable virtual hard drives that can be easily attached, detached, and resized. It provides persistent storage volumes with automatic data replication within a specific Availability Zone, ensuring data durability and flexibility for EC2 instances.
Amazon EC2 from Amazon Web Services enables renting virtual computers (instances) for applications and workloads. Learn more.
Amazon EFS is a useful service for storing and accessing large amounts of data in the cloud. It is particularly well-suited for applications that require scalable file storage, high availability, and easy integration with Amazon EC2.
Amazon Inspector is a security assessment service offered by Amazon Web Services (AWS). It is designed to help customers identify and address vulnerabilities in their Amazon Elastic Compute Cloud
Learn more about Amazon Keyspaces from our glossary. FInd out how this cloud-based database service offers speed, and availability for AWS users.
Amazon Lightsail is a flexible and cost-effective solution for businesses and developers who need a simple and reliable way to set up and manage VPS instances in the cloud.
Explore Amazon Macie, a machine learning-powered AWS service. Learn how it ensures compliance and data security.
Amazon Neptune is a powerful and flexible graph database service that is well-suited for a wide range of applications that require fast, scalable, and reliable storage and querying of connected data.
Amazon QLDB uses blockchain technology to offer a tamper-proof ledger for secure transaction recording. Understand how it ensures data integrity.
Amazon Redshift
Route 53 Resolver DNS Firewall is a valuable service for organization looking to protect their Amazon VPC resources from DNS-based attacks
Amazon S3 is part of AWS that offers cloud storage for businesses to securely store and manage data. Learn more.
Amazon Timestream is a powerful and flexible tool for managing and analyzing time series data at scale.
AWS WAF is an essential tool for helping to secure your web applications and protect them from common threats.
Explore how AWS Artifact, a comprehensive portal, can help you download essential compliance reports and certifications.
AWS Backup is a fully-managed service by Amazon Web Services (AWS) that lets you back up your data automatically. Read more.
Antivirus software defends against, detects, and removes malware on computers, servers, and devices. Find out more.
Authentication is the process of verifying the identity of a user or entity before granting access, safeguarding against unauthorized access and impersonation attempts.
Authorization involves granting or denying access to resources based on user permissions, ensuring only authorized individuals or entities can access specific information or perform certain actions.
Explore Azure Active Directory (AD) in Sentra's glossary. Understand how Azure AD manages user identities and secures applications.
Azure AD DS is a managed domain service in Azure for identity and access management, combining on-premises and cloud resources.
Azure App Configuration is a centralized service in Azure for managing and storing application settings and feature flags, allowing for dynamic configuration updates without redeployment.
Azure Archive Storage is a low-cost, long-term cloud storage solution provided by Microsoft Azure for infrequently accessed data.
Azure Backup is a cloud-based data protection service in Azure that offers reliable backup and recovery for virtual machines, servers, and Azure resources.
Learn more about Microsoft Azure Bastion. Find out how to connect to Azure VMs with Azure Bastion for enhanced security.
Azure Blob Storage is a powerful and scalable solution for storing and managing large amounts of unstructured data in the cloud.
Azure DDoS Protection safeguards Azure-hosted applications and resources from DDoS attacks by employing monitoring, analysis, and mitigation techniques.
Azure Data Box is a physical appliance for fast and secure large-scale data transfer to and from the cloud.
Azure Data Lake Storage is a cloud-based storage service by Microsoft Azure that enables scalable and secure storage of large amounts of data for analytics, processing, and insights generation.
Learn more about Azure Disk Storage, a managed service providing durable block storage for VMs and Azure services in our glossary.
Azure Files is a cloud-based file storage service provided by Microsoft Azure that offers fully managed file shares accessible over the Server Message Block (SMB) protocol, allowing organizations to store and access files from anywhere and integrate seamlessly with Azure services and on-premises environments.
Azure Firewall Manager is a centralized security management service in Microsoft Azure that enables organizations to configure, manage, and monitor multiple Azure Firewall instances across different Azure subscriptions and regions from a single, unified interface.
Azure Key Vault is a security service offered by Microsoft Azure. It is designed to help customers securely store and manage their cryptographic keys, secrets, and certificates
Azure NetApp Files is a fully-managed Azure service that provides high-performance, enterprise-grade file storage capabilities, allowing users to easily deploy and manage shared file systems in the Azure cloud environment.
Binary Authorization is a security feature in Google Cloud Platform that ensures only authorized and digitally signed container images are deployed.
Cache poisoning is a type of attack in which an attacker is able to inject malicious data into a cache, often a DNS cache.
CCPA is a privacy law in California that gives residents rights over their personal information and imposes obligations on businesses regarding data collection, use, and sale, aiming to enhance consumer privacy and control over personal data.
CPRA, or the California Privacy Rights Act, is a California state law that enhances consumer privacy rights by expanding regulations on data collection, processing, and sharing, and establishing stricter requirements for businesses in relation to data protection and user privacy.
Chronicle Security Operations is a platform provided by Google Cloud that offers advanced threat detection, investigation, and remediation capabilities, empowering organizations to enhance their security posture and effectively respond to cyber threats.
Cloud Detection and Response (CDR) solutions focus on overseeing & safeguarding cloud environments by detecting and responding to security threats in real-time.
Cloud Security Posture Management (CSPM) refers to security tools that are used to detect misconfiguration and compliance issues in cloud infrastructures.
Cloud vulnerabilities refer to weaknesses or gaps in the security of cloud computing systems that could potentially be exploited
Container security involves implementing measures to protect the integrity and isolation of containerized applications and their underlying infrastructure. It focuses on mitigating vulnerabilities, enforcing access controls, monitoring runtime behavior, and ensuring secure container image management to prevent unauthorized access, data breaches, and malicious activities.
A Continuity of Operations Plan (COOP) ensures organizations can continue critical functions during and after disruptions or disasters.
Ciphertext is the encrypted form of plaintext, which is the regular, unencrypted text. Learn more.
Data Access Governance (DAG) is the process of implementing policies, procedures, and controls to manage access to organizational data.
Data Detection & Response (DDR) refers to how organizations discover and respond to threats affecting their data. Learn how to respond to these threats.
The Data Encryption Standard (DES) is a symmetric-key block cipher algorithm that was first published by the National Institute of Standards and Technology (NIST) in 1977.
Data engineering is the practice of designing, building, and maintaining the infrastructure and processes needed to store, transform, and analyze data.
Data integrity refers to the accuracy, consistency, and reliability of data throughout its lifecycle, ensuring that information remains complete, unaltered, and valid. It involves maintaining the integrity of data from creation to storage and retrieval, safeguarding against unauthorized modifications, corruption, or loss.
A data lake represents a modern method for data storage and management, which is distinct from conventional systems. Read more.
Data lineage refers to the historical record or lineage of a data element, tracking its origins, transformations, and movements throughout its lifecycle. It provides a detailed understanding of how data flows and changes within an organization, enabling traceability, data quality analysis, and compliance with regulations.
Data localization refers to the region or jurisdiction where data is stored in order to comply with local laws and ensure data privacy and protection.
Data Loss Prevention refers to tools that prevent employees or users from sending sensitive or confidential data outside the company’s network. Learn more.
Data mining refers to the process of extracting valuable insights, patterns, and knowledge from large datasets. It involves the application of various statistical and machine learning techniques to uncover hidden patterns, correlations, and trends within the data, enabling organizations to make informed decisions and predictions.
Data science encompasses the interdisciplinary field that uses scientific methods, processes, algorithms, and systems to extract knowledge and insights from structured and unstructured data. It combines elements of statistics, mathematics, programming, and domain expertise to collect, analyze, and interpret data, ultimately providing actionable insights and solutions for business or scientific purposes.
Data Security Compliance is a process that defines protocols, procedures and policies to ensure that sensitive data is protected
A data warehouse is a centralized repository that stores structured, organized, and processed data from various sources. It is designed for efficient querying and analysis, providing a foundation for business intelligence and reporting.
DevOps unites development and operations teams, enhancing collaboration that speeds up software releases while ensuring quality. Find out more.
DynamoDB, provided by Amazon Web Services (AWS), is a completely managed NoSQL database service. Learn more.
Explore the definition of Elastic Disaster Recovery: A cloud-based solution for rapid, scalable data recovery, ensuring minimal downtime and data loss.
Encryption converts readable data to ciphertext for secure transmission, and storage, preventing unauthorized access or tampering. Learn more.
GCP Access Transparency provides logs of data access by Google teams, while GCP Access Approval manages access requests to GCP resources.
GDPR is an extensive EU data protection law. It empowers individuals with data control and unifies EU regulations. Learn more.
Google Advanced Protection Program is a security initiative that provides enhanced safeguards for Google accounts, including stronger authentication methods, proactive phishing and malware protection, and additional measures to protect against targeted attacks.
Google Assured Workloads is a service that helps organizations meet specific regulatory and compliance requirements within Google Cloud Platform.
Google Cloud Firewall is a network security solution that controls incoming and outgoing traffic to and from virtual machine instances in Google Cloud Platform.
GCP is a powerful and flexible cloud computing platform that provides businesses with the tools and infrastructure they need to build, deploy, and scale applications and websites quickly and easily.
Find out more about Google Cloud Secret Manager, a secure service for managing secrets on the Google Cloud Platform.
HIPAA, enacted in 1996, safeguards US health data privacy and security, securing individuals' health information. Read more.
Homomorphic encryption is an encryption technique that allows users to perform mathematical operations on encrypted data, without accessing the encryption key.
Hybrid cloud is a computing environment that combines public cloud services with on-premises infrastructure.
IaaS is a cloud model where a provider offers computing, networking, and storage via the internet. Find out more.
Knative is an open-source platform to develop and deploy serverless apps. Learn more.
Kubernetes is an open-source system for automating containerized app deployment, scaling, and management. Read more.
Large Language Models (LLMs) utilize natural language processing to understand and generate human-like text.
