Difference between revisions of "Cloud-10 Guidelines"

From OWASP
Jump to: navigation, search
(Created page with "1. Development / Environment Setting a) Developer Access 2. Architecture #Tiering #Communicaiton between zones 3. Deployment and Testing 4. Operations")
 
Line 2: Line 2:
  
 
a) Developer Access
 
a) Developer Access
 
+
#Jump Server
 +
##Multi factor Autch
 +
##VPN/Cert based Authc
  
 
2. Architecture
 
2. Architecture
  
 
#Tiering
 
#Tiering
#Communicaiton between zones
+
#Communicaiton  
 +
##between zones
 +
##within tiers
 +
##ACLs
 +
#AuthC/Identity
 +
#Encryption
 +
#WAF
  
 
3. Deployment and Testing
 
3. Deployment and Testing
 
+
#Hardening
  
 
4. Operations
 
4. Operations
 +
#Patching

Revision as of 09:02, 1 November 2011

1. Development / Environment Setting

a) Developer Access

  1. Jump Server
    1. Multi factor Autch
    2. VPN/Cert based Authc

2. Architecture

  1. Tiering
  2. Communicaiton
    1. between zones
    2. within tiers
    3. ACLs
  3. AuthC/Identity
  4. Encryption
  5. WAF

3. Deployment and Testing

  1. Hardening

4. Operations

  1. Patching