Cloud systems are becoming major platforms for software shipment and deployment. They provide easier resource control, better deployment features, better scalability, data security, and much more. Reports show that the value of cloud computing is quickly increasing. Despite their benefits, by design and by being very recent compared to conventional systems, the insecurity of such systems have been major concerns for enterprises. According to AquaSecurity, the volume of cloud attacks dramatically increased over time. In the second half of 2019, there were on average 11 attacks per day on such environments. Then in the first half of 2020, there were 160 attacks per day.
To address these issues, we aim to secure such systems by leveraging many aspects of system security, such as data collection, detection, forensics, and incident response. These systems have various differences in each step of securing the system, compared to normal host-based systems.
We are working on securing such system by focusing on configuration. Containers are the backbone of cloud-based systems, and they leverage on various security mechanisms to perform isolation. Unlike old VM-based (Virtual Machine) systems, they provide less isolation since they use the host kernel; hence, are less secure than VMs. We leverage many methods to secure such systems; such as dynamic and static analysis, natural language processing (NLP), semantic inference and some more.