Chapter 32. AppSec in the Cloud Era

Sandeep Kumar Singh

Over the past few years, there has been significant growth and adoption of cloud-based applications. The shift to cloud computing has been driven by its many benefits, including scalability, agility, cost savings, and global accessibility. This adoption has also brought about significant changes in application security. Traditionally, AppSec focused on protecting applications within an organization’s premises. However, the move to cloud computing has pushed applications and their associated data outside the organization’s perimeter, leading to new security challenges and considerations. As an AppSec professional, you must learn the challenges the cloud brings and adopt new controls to protect applications in the cloud.

Learn Shared Responsibility Model

One of the fundamental changes that cloud computing brings to application security is the shared responsibility model. In traditional on-premises environments, organizations had full control over the security of their infrastructure and applications. With cloud computing, the responsibility for securing the underlying infrastructure shifts to the cloud provider, while the organization is responsible for securing applications and data through access controls, authentication, secure coding, and managing third-party risks.

It’s important to note that the exact division of responsibilities ...
